api-docs
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted source code provided by the user.
- Ingestion points: Reads source code files from the user-specified
<source-path>referenced in the skill instructions. - Boundary markers: The skill does not implement delimiters or specific instructions to the agent to disregard instructions found within the code comments or content.
- Capability inventory: The skill has access to tools such as
Write,Bash(vianpx), andmcpdispatch, which could be misdirected if the agent follows malicious instructions in the input. - Sanitization: No sanitization or validation of the input source code content is described in the skill.
Audit Metadata