grill-with-docs
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted content from the local repository (specifically documentation like CONTEXT.md and ADRs, as well as the broader codebase) to inform its 'grilling' session. This creates an Indirect Prompt Injection surface where malicious content embedded in files could attempt to redirect agent behavior.
- Ingestion points: Reads documentation files (CONTEXT.md, ADRs) and performs general codebase exploration.
- Boundary markers: None provided; the skill does not explicitly use delimiters or instructions to ignore embedded commands within the processed files.
- Capability inventory: The skill has the capability to read any file in the repository and write/update documentation files.
- Sanitization: No evidence of sanitization or validation of the content read from the filesystem before it is used to influence the agent's response logic.
Audit Metadata