awiki-page

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill enables the agent to execute shell commands using the awiki-cli tool to perform mutations on remote page data and slugs.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection.
      • Ingestion points: Untrusted data enters the context when the agent reads markdown content from local files (e.g., via the --markdown-file parameter) or processes inline strings.
      • Boundary markers: The instructions do not define delimiters or specific 'ignore' directives to prevent the agent from following instructions embedded within the ingested markdown content.
      • Capability inventory: The agent can execute bash commands through a restricted tool and read local file system content.
      • Sanitization: There is no evidence of validation, escaping, or filtering of the markdown content before it is passed to the execution tool.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 12, 2026, 12:49 PM