configure-readme
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill employs dynamic context injection to execute shell commands at load time for metadata gathering.
- Evidence: The 'Context' section in 'SKILL.md' uses the '!command' syntax to execute 'pwd', 'basename', 'find', and 'git remote -v'. These commands are used to automatically establish parameters like the project name and existing repository remotes.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection when processing untrusted local configuration files.
- Ingestion points: Project metadata is read from 'package.json', 'pyproject.toml', 'Cargo.toml', and 'go.mod' as described in Step 1 of 'SKILL.md'.
- Boundary markers: Absent; there are no instructions defining delimiters or warnings to ignore embedded instructions within the ingested file content.
- Capability inventory: The skill has access to the 'Bash' tool and the 'Write' tool, allowing it to execute shell commands and modify the filesystem based on extracted metadata.
- Sanitization: Absent; the instructions do not include steps to validate or escape metadata before its inclusion in the generated documentation.
Audit Metadata