Doc Generator
Pass
Audited by ClawScan on Apr 23, 2026.
Overview
The skill's requested actions and instructions are coherent with its stated purpose (generating READMEs from project files), but the runtime instructions are somewhat vague and could accidentally expose repository secrets if used without safeguards.
This skill appears to do what it says — it will scan your repository and create a README from package.json and source code. Before installing or running it: (1) run it first on a non-sensitive test repo to verify output; (2) restrict its input scope or add an allowlist (only src/, package.json, etc.) and explicitly exclude config files, .env, secrets, and private keys; (3) review any generated README before committing or publishing to avoid leaking credentials or internal URLs; (4) prefer skills from known authors or add explicit instructions to the skill for file exclusion and sanitization. If you need higher assurance, request the SKILL.md be expanded to specify exact file paths to read and explicit exclusions.
