readme-generator

Pass

Audited by Gen Agent Trust Hub on Jun 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses standard shell commands (ls, find) to map project structures and invokes the GitHub CLI (gh) to suggest or apply metadata updates. These interactions are transparent and interactive, especially for repository modifications.
  • [EXTERNAL_DOWNLOADS]: The project depends on the playwright library, which downloads browser binaries (Chromium) from a well-known service. This is a functional requirement for generating visual infographics from HTML templates.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it ingests and processes content from local project files to generate documentation.
  • Ingestion points: Reads files like package.json, README.md, and source code during the 'Phase 0' discovery process using find and head.
  • Boundary markers: The instructions do not define specific delimiters to separate untrusted file content from the agent's internal instructions.
  • Capability inventory: Includes file system writes, local script execution via Node.js, and repository metadata editing via the gh tool.
  • Sanitization: The skill lacks explicit sanitization or filtering logic for the raw text extracted from the analyzed project files before it is processed by the model.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 5, 2026, 05:31 AM
Security Audit — agent-trust-hub — readme-generator