blueprint-docs-list
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs directory listings and metadata extraction from project-specific documentation folders (
docs/adrs,docs/prds,docs/prps). It does not attempt to access sensitive system files, environment variables, or credentials. - [COMMAND_EXECUTION]: Uses standard Linux utilities such as
grep,sed,head,printf, andlsto parse markdown content. These operations are restricted to the local filesystem and are consistent with the skill's stated documentation auditing purpose. - [DATA_EXPOSURE]: No data exfiltration patterns or network operations were detected. The skill only processes local file metadata for the purpose of generating an index table for the user.
- [INDIRECT_PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it ingests and processes content from untrusted documentation files.
- Ingestion points: Reads from
docs/prds/*.mdanddocs/prps/*.md(SKILL.md). - Boundary markers: Absent.
- Capability inventory: Includes file reading and shell-based string manipulation (
grep,sed). - Sanitization: Absent; the skill extracts lines matching specific patterns (
title:,status:, etc.) directly into formatted output.
Audit Metadata