docs-generator
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to execute a local shell script,
docs-generator/scripts/generate-docs.sh, to regenerate documentation. This is a standard and expected operation for the skill's stated purpose. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to its data ingestion process.
- Ingestion points: Plugin manifests and component folders are read from the repository (SKILL.md).
- Boundary markers: No specific boundary markers or instructions to ignore embedded instructions are provided.
- Capability inventory: The agent is authorized to execute a shell script and modify documentation files such as README and CLAUDE files (SKILL.md).
- Sanitization: No sanitization or validation steps for the ingested manifest content are mentioned.
Audit Metadata