api-reference-documentation
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a shell script at scripts/validate-api.sh. Although currently composed of placeholder comments and basic logging, it provides a functional vector for local command execution within the agent environment.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it is designed to ingest and process potentially untrusted OpenAPI specifications.
  - Ingestion points: Data enters the agent context through documentation templates and OpenAPI definitions in SKILL.md and references/openapi-specification-example.md.
  - Boundary markers: The skill uses standard markdown code blocks to delimit structured data and command examples.
  - Capability inventory: The skill includes a local shell execution capability via the scripts/validate-api.sh script.
  - Sanitization: No specific input validation, sanitization, or instruction filtering is implemented to prevent the agent from erroneously following instructions embedded within external API specifications.