fumadocs
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches documentation indexes and content from the official Fumadocs website (https://www.fumadocs.dev/) to provide accurate technical guidance for users working with the framework.
- [PROMPT_INJECTION]: Indirect prompt injection surface identified due to external data ingestion from documentation sites.
  1. Ingestion points: The skill fetches information from external URLs under the fumadocs.dev domain.
  2. Boundary markers: The sub-agent prompt template uses clear Markdown headers (e.g., ## Your Research Goal, ## Context) to separate agent instructions from fetched data.
  3. Capability inventory: Uses the Task tool to spawn sub-agents for research, which can perform web fetches.
  4. Sanitization: The sub-agent task is explicitly configured as readonly: true, preventing the sub-agent from making state-changing calls based on external input.
- [SAFE]: All activities are consistent with the skill's stated purpose of providing framework documentation. No obfuscation, credential access, or malicious command execution patterns were detected.