rewrite-python-docs
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute a local Python script and several external command-line utilities to maintain project documentation.
- The script
scripts/gen-ref-pages.pyis executed to programmatically generate markdown reference pages from source code. - The agent is directed to use
rumdlfor docstring formatting andmisefor project tasks such as linting and building documentation. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it treats external source code and existing docstrings as the primary source of information for its tasks.
- Ingestion points: Python source files (
.py) and docstrings within thesrc/directory are read and processed by the agent and thescripts/gen-ref-pages.pyscript. - Boundary markers: Absent. There are no instructions or delimiters provided to prevent the agent from accidentally following instructions that might be embedded within the source code being documented.
- Capability inventory: The skill allows the agent to modify the file system (writing to
docs/reference/) and execute developer tools (mise,rumdl), which could be leveraged if the agent is manipulated by malicious content in a docstring. - Sanitization: No sanitization, filtering, or validation is performed on the source code content before it is processed by the agent.
Audit Metadata