documentation
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection Surface: The skill processes repository documentation content, which technically serves as an external data source. There is a potential consideration for indirect prompt injection if that content were to contain malicious instructions. However, the skill provides explicit mitigation in
references/rai-guardrails.md, instructing the agent to treat all ingested content as data rather than instructions. - Standard Toolchain Execution: In
references/validation-toolchain.md, the skill references standard repository maintenance commands (e.g.,npm run lint:md,npm run docs:build). These are used within the context of the repository's existing CI/CD and development workflows for validation and build purposes. - Data Exposure Prevention: The skill includes a comprehensive sensitivity checklist in
references/content-sensitivity.mdto prevent the accidental inclusion of PII, secrets, or credentials in documentation. It also defines clear handoff triggers for formal security or privacy reviews when high-risk content is encountered. - Session State Management: The skill maintains session state locally within the
.copilot-tracking/documentation/directory, adhering to standard session persistence practices without externalizing data.
Audit Metadata