doc-authoring
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a comprehensive documentation toolset. It defines clear workflows for greenfield and brownfield projects, focusing on repository analysis and technical writing standards.
- [SAFE]: No evidence of prompt injection, data exfiltration, or unauthorized command execution was found. The instructions for 'verifying' documentation correctly emphasize static analysis and cross-referencing against the source code rather than arbitrary execution.
- [SAFE]: The skill includes instructions to identify configuration variables and environment variables (in
references/repo-analysis.md), but this is for documentation purposes (e.g., creating a Configuration Reference) and correctly uses placeholders in templates to avoid credential exposure. - [SAFE]: While the skill ingests untrusted repository data (Indirect Prompt Injection surface), this is inherent to its primary purpose as a documentation authoring tool. The instructions provide a structured approach that prioritizes factual accuracy derived from code analysis.
Audit Metadata