readme
Warn
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: MEDIUM (DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
- [DATA_EXFILTRATION]: The skill instructs the agent to read sensitive files such as ".env", "config/credentials.yml.enc", and "config/master.key" during exploration. Accessing these files can lead to the exposure of application secrets if the agent mistakenly includes their contents in the generated documentation.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection from untrusted codebase data.
  - Ingestion points: The skill reads file contents across the entire project root during exploration in SKILL.md.
  - Boundary markers: There are no markers or instructions to ignore embedded commands in the files being read.
  - Capability inventory: The agent has file-read access to the project and file-write access to the README.md.
  - Sanitization: The skill lacks sanitization of ingested content before it is processed by the agent.
Audit Metadata