ito-grill-with-docs

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or unauthorized activities were detected. The skill's operations are limited to project documentation management.
  • [PROMPT_INJECTION]: The skill's instructions include a persona that is directed to ensure all technical points have been covered before concluding, which may involve continuing the interaction even if a user suggests ending it early. This behavioral constraint is a functional feature of the architecture stress-testing use case.
  • [PROMPT_INJECTION]: The skill reads existing repository documentation to maintain context, creating a surface for potential indirect prompt injection if the files were manipulated by an external party.
      • Ingestion points: Reads CONTEXT.md, CONTEXT-MAP.md, and Architecture Decision Records in docs/adr/ as specified in the initialization and core flow steps of SKILL.md.
      • Boundary markers: No delimiters or specific instruction-ignore headers are used when reading these project files.
      • Capability inventory: The skill uses file reading and writing capabilities to manage documentation within the repository (SKILL.md, references/ADR-FORMAT.md).
      • Sanitization: The skill does not perform content filtering or validation on the content of the documentation files being processed.
Audit Metadata
Risk Level: SAFE
Analyzed: May 13, 2026, 03:08 AM