docs
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill's documentation review workflow presents a surface for indirect prompt injection. Ingestion points: The agent reads user-provided documentation files, READMEs, and pull request diffs during the review process. Boundary markers: Instructions in 'review/agents.md' do not specify unique delimiters or 'ignore' directives to isolate user content from the analysis prompts. Capability inventory: The skill uses the 'Task' tool to orchestrate sub-agents but does not possess capabilities for shell execution, file system writes, or network access beyond standard project tooling. Sanitization: No input sanitization or validation of the ingested documentation content is performed before analysis.
Audit Metadata