update-docs
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, such as data exfiltration, obfuscation, or unauthorized persistence, were found in the skill.
- [COMMAND_EXECUTION]: The skill performs project structure discovery using the
Bashtool to run thelscommand. This is a legitimate use of the tool to gather context for the documentation scanner. - [PROMPT_INJECTION]: The skill processes project-specific data which introduces a surface for indirect prompt injection. This is mitigated by a human-in-the-loop requirement where the user must approve all changes before the writer subagent acts. * Ingestion points: Project documentation and source code files (SKILL.md Step 1 and 3) * Boundary markers: Absent from subagent briefings * Capability inventory: Includes
Bashfor discovery andAgentfor task delegation * Sanitization: File content is passed to subagents without filtering
Audit Metadata