readme-generator
Pass
Audited by Gen Agent Trust Hub on Jun 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses standard shell commands (
ls,find) to map project structures and invokes the GitHub CLI (gh) to suggest or apply metadata updates. These interactions are transparent and interactive, especially for repository modifications. - [EXTERNAL_DOWNLOADS]: The project depends on the
playwrightlibrary, which downloads browser binaries (Chromium) from a well-known service. This is a functional requirement for generating visual infographics from HTML templates. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it ingests and processes content from local project files to generate documentation.
- Ingestion points: Reads files like
package.json,README.md, and source code during the 'Phase 0' discovery process usingfindandhead. - Boundary markers: The instructions do not define specific delimiters to separate untrusted file content from the agent's internal instructions.
- Capability inventory: Includes file system writes, local script execution via Node.js, and repository metadata editing via the
ghtool. - Sanitization: The skill lacks explicit sanitization or filtering logic for the raw text extracted from the analyzed project files before it is processed by the model.
Audit Metadata