shard-document
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill defines a workflow that utilizes standard shell commands such as grep, find, and ls for validating document structure and links. It also provides a Python validation script in the documentation which uses the pyyaml library for metadata parsing. These operations are conducted within the local workspace and are appropriate for the skill's functionality.\n- [PROMPT_INJECTION]: The skill provides an attack surface for indirect prompt injection by processing untrusted content from the source_document.\n
- Ingestion points: The agent reads the content of the source_document path provided as input in SKILL.md.\n
- Boundary markers: The workflow does not explicitly mention the use of boundary markers or instructions to ignore embedded commands within the source document.\n
- Capability inventory: The agent can execute shell commands and Python scripts for validation as outlined in SKILL.md and references/validation-checklist.md.\n
- Sanitization: Document content is parsed and sharded without specific sanitization of instructions embedded in the source text.
Audit Metadata