docs-generator

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute a local shell script at docs-generator/scripts/generate-docs.sh from the repository root to regenerate project documentation.\n- [PROMPT_INJECTION]: The skill reads from plugin manifests and component folders, introducing an indirect prompt injection surface where malicious instructions in manifests could influence documentation generation.\n
  • Ingestion points: Plugin manifests and component folders are explicitly read to generate the documentation (SKILL.md).\n
  • Boundary markers: There are no boundary markers or instructions to ignore potential instructions embedded within the ingested data.\n
  • Capability inventory: The agent is instructed to read files and execute a shell script, creating a path for automated actions based on ingested content.\n
  • Sanitization: No sanitization or validation of the manifest descriptions or folder content is specified before they are processed.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 03:11 AM
Security Audit — agent-trust-hub — docs-generator