setup-agents-md
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE, NO_CODE
Full Analysis
- [SAFE]: The skill consists entirely of natural language instructions for the agent. It does not contain any scripts, executables, or command-line operations that could pose a direct security risk.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to read and process content from various repository files (e.g., Makefile, .github/workflows/*.yml, package.json). While these files represent an external data source that could theoretically contain malicious instructions (Indirect Prompt Injection), the risk is minimal as the agent's output is restricted to generating a Markdown documentation file and the skill possesses no capabilities for network exfiltration or arbitrary code execution.
- [DATA_EXPOSURE]: The skill instructs the agent to scan for environment variable patterns and destructive commands (e.g., .env.example, db-reset) within the repository. This access is limited to the local file system within the repository scope and is performed solely to provide context and guardrails for the generated documentation, with no mechanisms for data exfiltration.