Skills
skills/gramiojs/documentation/enrich-api-page/Gen Agent Trust Hub

enrich-api-page

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches technical details from the official Telegram Bot API documentation (core.telegram.org) and package documentation from JSR (jsr.io). These are well-known and authoritative sources for the technical content being generated.
  • [COMMAND_EXECUTION]: Uses the Bash tool to perform Grep searches against local TypeScript definition files in node_modules/@gramio/contexts/. This is used to verify method signatures and ensure that generated code examples are accurate and type-safe.
  • [PROMPT_INJECTION]: The skill incorporates an indirect prompt injection surface by reading data from external web pages.
  • Ingestion points: External data is retrieved via WebFetch from core.telegram.org.
  • Boundary markers: The instructions provide clear boundaries by specifying which frontmatter fields and markdown sections to edit, and explicitly forbid modification of generated blocks between <!-- GENERATED:START --> and <!-- GENERATED:END --> tags.
  • Capability inventory: The skill has permissions to write and edit documentation files and execute Bash for pattern searching.
  • Sanitization: No specific sanitization of external documentation text is described, though the output is directed into static documentation files rather than executable scripts.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 7, 2026, 12:35 PM