get-api-docs
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
chubCLI tool to perform searches (chub search), retrieve documentation content (chub get), and store local annotations (chub annotate). These commands are standard for managing technical documentation and do not demonstrate unauthorized privilege escalation or malicious intent. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it instructs the agent to fetch and follow instructions from external documentation sources.
- Ingestion points: Documentation content retrieved from external sources via the
chub getcommand (e.g., in SKILL.md). - Boundary markers: Absent; the skill does not instruct the agent to use delimiters or ignore embedded instructions within the fetched documentation.
- Capability inventory: The agent has the capability to write and execute code, perform network operations (via
chub), and write to the local file system based on the contents of the fetched documentation. - Sanitization: No validation or sanitization of the external documentation content is performed before the agent processes it.
Audit Metadata