document-this
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its core function of reading and interpreting untrusted codebase content.
  - Ingestion points: Source code, test files, and dependency manifests are read from the project root by scripts and the agent.
  - Boundary markers: There are no explicit instructions or delimiters to prevent the agent from following instructions embedded in the analyzed code files.
  - Capability inventory: The skill uses local Node.js execution, project-wide file reading, and file-system writes for documentation output.
  - Sanitization: No validation or sanitization of input file content is performed.
- [SAFE]: The skill uses robust HARD_SKIP lists to avoid analyzing sensitive files like credentials, environment variables, or version control metadata.
- [SAFE]: No network operations, external downloads, or exfiltration patterns were identified.
Audit Metadata