docs-diagram
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands, including 'find' and 'grep', to identify architectural components such as ORM models, services, and configuration files. These operations are limited to the local codebase and are necessary for the skill's primary function of generating system documentation.
- [PROMPT_INJECTION]: The skill processes untrusted data from the local codebase (source code, filenames, and comments) to populate documentation templates, creating an indirect prompt injection surface.
  - Ingestion points: Local codebase files identified via discovery tools.
  - Boundary markers: Anti-Hallucination Guidelines in the skill instructions mandate verification of components before inclusion.
  - Capability inventory: Read, Write, Grep, Glob, and Task tools.
  - Sanitization: Relies on the agent to parse source code structure into Mermaid syntax and verify existence through sub-agent tasks.
- [COMMAND_EXECUTION]: The documentation includes dynamic context injection markers (using the '!' prefix) for automated component discovery. These markers execute benign search commands locally to facilitate the identification of relevant files without accessing sensitive data or performing network operations.
Audit Metadata