crafting-effective-readmes
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill is comprised exclusively of Markdown templates and reference documentation. No executable scripts, binaries, or tool configurations are included in the skill package.
- [SAFE]: No instances of obfuscation, hardcoded credentials, privilege escalation, or persistence mechanisms were detected. The skill's instructions focus on informational gathering and text generation for documentation purposes.
- [PROMPT_INJECTION]: The skill workflow defined in 'SKILL.md' directs the agent to read existing project files such as 'package.json' and current README files (Ingestion points). There are no explicit boundary markers (Boundary markers) or sanitization logic (Sanitization) defined for processing this untrusted input. However, the capability inventory is limited to the agent's default tools used for documentation generation, with no evidence of high-risk sinks like command execution or data exfiltration.
Audit Metadata