wiki-qa
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines a standard workflow for analyzing and answering questions about a local codebase based on file evidence. It consists entirely of natural language instructions and does not include any scripts, commands, or external dependencies.
- [DATA_EXPOSURE]: The skill instructions involve searching and reading repository files. This behavior is consistent with its stated purpose of codebase Q&A and does not include instructions to transmit data to external domains or access sensitive system paths outside the repository.
- [INDIRECT_PROMPT_INJECTION]: The skill processes content from repository files (untrusted data), which represents a surface for indirect prompt injection. However, the skill lacks high-risk capabilities such as arbitrary code execution or network access, which limits the potential impact of such an attack.
Audit Metadata