readme-generator
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE]: The skill instructions direct the agent to examine local dependency and configuration files such as package.json, build.gradle, and pyproject.toml. This access is necessary for the skill's primary function of extracting versioning and tech stack information for documentation purposes.
- [INDIRECT_PROMPT_INJECTION]: The skill analyzes untrusted data from the user's codebase (source files, comments, and project configuration) to discover project features and requirements. While this represents an attack surface where malicious content in those files could attempt to influence the agent, the skill does not possess high-privilege capabilities such as network egress or arbitrary command execution that would enable a meaningful exploit. The evidence chain is as follows:
  - Ingestion points: Dependency files (package.json, pyproject.toml, etc.), source files, and build scripts.
  - Boundary markers: None explicitly defined in the instructions.
  - Capability inventory: Local file read (agent-side), string parsing, and README creation. No network or subprocess operations are present in the provided scripts.
  - Sanitization: Instructions include a directive to "Never guess or hallucinate features - only document what's actually in the code."
- [SAFE]: The included Python scripts, package.py and validate_readme.py, perform local operations using standard libraries. package.py uses yaml.safe_load() for secure parsing of frontmatter, and validate_readme.py uses regular expressions for style checks. Neither script performs network operations or dangerous system modifications.
Audit Metadata