Skills
skills/levnikolaevich/claude-code-skills/ln-115-devops-docs-creator/Gen Agent Trust Hub

ln-115-devops-docs-creator

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill author's use of shared reference files and standardized documentation templates follows established project patterns.\n
  • Evidence: References such as docs_quality_contract.md and markdown_read_protocol.md are sourced from shared project directories.\n
  • Context: This demonstrates consistency with the vendor's documentation ecosystem.\n- [DATA_EXFILTRATION]: The skill reads project-level configuration and SSH files to generate inventory documentation.\n
  • Ingestion: Accesses docker-compose.yml, package.json, .env.example, and ~/.ssh/config to extract server and service metadata.\n
  • Context: This data access is limited to extracting metadata for documentation purposes and is consistent with the skill's primary function. There is no evidence of unauthorized exfiltration to external domains.\n- [PROMPT_INJECTION]: The skill ingests untrusted project data and interpolates it into markdown templates, creating a surface for indirect prompt injection.\n
  • Ingestion points: Project configuration files and the contextStore input (e.g., service names, script contents).\n
  • Boundary markers: While the output documents use scope tags, the ingestion and interpolation process lacks explicit 'ignore embedded instructions' markers or delimiters.\n
  • Capability inventory: The skill performs file system read and write operations across the project directory.\n
  • Sanitization: No explicit sanitization, escaping, or schema validation of the ingested strings is documented in the generation workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 08:29 PM