dart-documentation
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the official Dart SDK tools (
dart analyze,dart doc) to perform its primary functions of code validation and documentation generation. These operations are appropriate for the skill's purpose and the vendor's context. - [EXTERNAL_DOWNLOADS]: The skill executes
dart pub getto resolve project dependencies from the official Dart package registry, which is a standard and expected operation for Dart development. - [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection (Category 8). 1. Ingestion points: External Dart source code files processed by the agent. 2. Boundary markers: None; there are no delimiters to isolate code content from the agent's instructions. 3. Capability inventory: Execution of filesystem-interacting commands (
dart analyze,dart doc). 4. Sanitization: No sanitization or validation of the input code is performed before analysis.
Audit Metadata