docs-consistency-check

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted documentation and manifest files to detect drift and apply fixes, creating an attack surface for indirect prompt injection.
    • Ingestion points: In Step 1, the skill reads all Markdown files (README.md, CLAUDE.md, etc.), templates, and manifest files, as well as configuration files like .docs-consistency-check-ignore and intentional-variations.md.
    • Boundary markers: The skill does not implement delimiters or specific 'ignore embedded instructions' markers for the content it ingests from project files.
    • Capability inventory: The skill possesses the capability to modify files through the Edit tool in Step 7 based on its analysis of the ingested data.
    • Sanitization: While it uses a 'paraphrase-only' rule for reporting results to prevent accidental secret leakage, it lacks sanitization or filtering for instructions that might be embedded within the project files, which could lead the agent to suggest or perform unintended actions.
Audit Metadata
Risk Level: SAFE
Analyzed: May 12, 2026, 12:29 PM