skills/tercel/code-forge/plan/Gen Agent Trust Hub

plan

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements robust security validation at its core. Step 0.3 enforces strict path resolution by explicitly forbidding parent directory traversal (..) and excluding sensitive system directories like .git, node_modules, and build from being accessed as reference sources.
  • [SAFE]: A 'Hard Gate' assertion in Step 6.0 prevents any unauthorized filesystem operations. It verifies that all output paths strictly match the resolved output directory and ensures filenames follow a safe kebab-case convention without numeric prefixes, mitigating risks of writing to sensitive project areas.
  • [SAFE]: The skill minimizes exposure to potentially malicious content in user-provided documentation by offloading analysis and generation tasks to isolated sub-agents via the Agent tool (Steps 4, 7, and 8). This architecture ensures the main context remains clean, while the structured summaries required from sub-agents act as a natural sanitization layer against indirect prompt injection.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 30, 2026, 12:08 AM