rspress-docs-generator
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes standard package manager commands (npm, pnpm, yarn, bun) to initialize documentation sites and run build scripts. These operations are performed within the project directory to facilitate documentation lifecycle management.
- [EXTERNAL_DOWNLOADS]: The skill fetches the official Rspress scaffolding tool (create-rspress) and necessary project dependencies from public registries. It references official documentation and resources from well-known domains (rspress.rs, rslib.rs).
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it ingests untrusted data. 1. Ingestion points: Processes pull request titles, descriptions, and diffs (references/maintain-docs-for-prs.md) and project READMEs (references/create-new-docs.md). 2. Boundary markers: None present to delimit untrusted data. 3. Capability inventory: Executes package manager commands to build documentation. 4. Sanitization: No validation of ingested text before processing. This risk is inherent to the skill's purpose of summarizing project changes.
Audit Metadata