grill-with-docs
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill is instructed to explore the codebase to resolve questions and cross-reference user statements with implementation details. This creates a surface where the agent ingests untrusted data from the repository.
- Ingestion points: Automated codebase exploration and file reads mentioned in
SKILL.mdto find existing documentation and implementation details. - Boundary markers: Absent. The instructions do not provide delimiters or warnings to ignore embedded instructions within the codebase files.
- Capability inventory: The agent has the ability to read files across the repository and write to documentation files (
CONTEXT.mdanddocs/adr/). - Sanitization: None. The content extracted from the codebase is processed and reflected in conversations and documentation without escaping or validation.
Audit Metadata