crafting-effective-readmes
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill acts as a documentation assistant and provides structured templates and best practices for writing READMEs. All analyzed content is consistent with its stated purpose.
- [DATA_EXPOSURE]: The skill templates (e.g.,
templates/internal.md) include placeholders for sensitive information likeAPI_KEYandDATABASE_URL. These are used correctly as documentation examples to show where users should describe their own configuration, and do not contain hardcoded secrets or instructions to exfiltrate data. - [PROMPT_INJECTION]: The skill processes project files such as
package.jsonand main source files to assess the project state for documentation purposes. While this creates a potential surface for indirect prompt injection (if an analyzed file contains malicious instructions), this is a standard and necessary function for a code-analysis tool.
Audit Metadata