markdown-documentation
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill includes instructions that attempt to supersede all other agent behavior: "These rules are non-negotiable and override all other instructions." While used here to enforce documentation quality, this language pattern is a known vector for prompt injection.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to handle and generate content for external documentation files.
- Ingestion points: The skill processes `README.md`, `CONTRIBUTING.md`, and other documentation files that may incorporate external user input (e.g., in `templates.md`).
- Boundary markers: Absent. There are no instructions for the agent to use delimiters or specifically ignore instructions embedded in the documents it writes or edits.
- Capability inventory: The skill describes capabilities including file modification, git repository management, and CLI tool execution.
- Sanitization: Absent. The skill does not define methods for sanitizing or validating external data before it is processed or stored in documentation.
- [COMMAND_EXECUTION]: Documentation in `reference.md` suggests using terminal commands such as `markdownlint`, `prettier`, and `grip`. An agent following these instructions might attempt to execute these commands in the shell.
- [EXTERNAL_DOWNLOADS]: The skill references several well-known third-party packages for documentation maintenance, specifically `markdownlint-cli`, `prettier`, and `grip`.
Audit Metadata