document-features
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's functionality is limited to repository documentation. It discovers documentation directories, reads codebase implementation details, and generates markdown files. It does not utilize network access, handle sensitive credentials, or execute arbitrary code.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it processes untrusted content from the repository's source code to generate documentation.
- Ingestion points: In Phase 3, subagents read local source code files, `AGENTS.md`, and `CONTEXT.md` to extract feature logic.
- Boundary markers: The subagent prompt template does not include specific delimiters or instructions to ignore instructions found within the repository's files.
- Capability inventory: The skill's capabilities are restricted to file system read/write operations for markdown files (`.md`). It lacks access to network tools, shell execution, or secret management.
- Sanitization: There is no evidence of sanitization or filtering of the content read from the codebase before it is used by subagents to populate documentation templates.
Audit Metadata