Skills
skills/ulpi-io/skills/map-project-monorepo/Gen Agent Trust Hub

map-project-monorepo

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is granted access to the Bash tool to perform repository discovery and analysis. It uses shell commands to identify workspace members, scan for exported APIs, and inventory project files. While the instructions focus on discovery and inventory, the broad capability of the shell tool should be monitored during execution.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted data from the repository to inform its output.
  • Ingestion points: The skill reads source files, manifests (Cargo.toml, package.json), and entry points across the monorepo to identify the 'exported surface'.
  • Boundary markers: The skill does not define strict delimiters or 'ignore' instructions for the content it reads from the repository source files.
  • Capability inventory: The skill has Write, Edit, and Bash capabilities, which are used to mutate documentation files across the project based on the analyzed content.
  • Sanitization: There is no explicit sanitization or filtering of codebase content (such as comments or metadata) that might contain malicious instructions designed to influence the agent's behavior during the documentation refresh process.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 06:52 PM