karpathy-project-wiki
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
Full Analysis
- [DYNAMIC_EXECUTION]: The skill runs a local bash script (
scripts/check-project-drift.sh) via a session hook to monitor for changes in the repository since the last documentation update. - [PROMPT_INJECTION]: It uses a session hook to provide automated instructions that guide the agent to update the project wiki after file modifications.
- [INDIRECT_PROMPT_INJECTION]: The skill documents the codebase by reading source files and configuration data, which creates a surface where instructions embedded in the project files could potentially be processed by the agent.
- Ingestion points: Project source code, configuration files, and existing documentation as defined in
SKILL.mdandreferences/operations.md. - Boundary markers: Not present; no specific instructions are provided to ignore embedded commands within the source material.
- Capability inventory: The agent has permissions for file writing and shell command execution within the workspace.
- Sanitization: No content validation or sanitization of the ingested project files is performed.
Audit Metadata