agents-md
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill manages a hierarchy of `AGENTS.md` files which serve as persistent instructions for AI agents, creating a potential surface for indirect prompt injection where malicious instructions could be embedded in documentation.
  - Ingestion points: Creation and updates of `AGENTS.md` files at root, component, and service levels.
  - Boundary markers: Absent; templates do not provide delimiters or instructions to prevent agents from obeying malicious content embedded in the documentation fields.
  - Capability inventory: The skill utilizes shell commands (`cp`) and executes a synchronization script.
  - Sanitization: No input validation or content sanitization is defined for the documentation templates.
- [COMMAND_EXECUTION]: The skill triggers the execution of a script belonging to a sibling skill within the local directory structure.
  - Evidence: `SKILL.md` specifies the command `./skills/skill-sync/assets/sync.sh` to update the skill registry after documentation changes.
Audit Metadata