codebase-onboarding
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection due to its core function of processing untrusted codebase data.
- Ingestion points: The skill reads all project source code, database schemas, and configuration files via five parallel subagents (SKILL.md).
- Boundary markers: No explicit delimiters are used to separate ingested code content from the agent's internal synthesis instructions.
- Capability inventory: The skill is restricted to file system read operations for analysis and a single file system write operation to create the ONBOARDING.md file. It identifies itself as read-only.
- Sanitization: The skill does not specify sanitization or filtering logic for content extracted from the codebase before including it in the generated documentation.
Audit Metadata