skills/espennilsen/pi/readme-reviewer/Gen Agent Trust Hub

readme-reviewer

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE (flagged categories: COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes standard shell utilities like find, ls, cat, and grep to perform static analysis of the project's structure and contents. These commands are limited to fact-gathering within the local codebase.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes untrusted file content from the codebase to generate documentation.
      • Ingestion points: Project manifests (package.json, requirements.txt, etc.), configuration files, and existing documentation are read from the repository.
      • Boundary markers: No explicit delimiters are used to wrap or isolate the data read from files during processing.
      • Capability inventory: The skill has the capability to create or modify the README.md file.
      • Sanitization: There is no mention of sanitizing or validating extracted data before including it in the generated content.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 2, 2026, 03:33 PM