docs-search
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands via npx to interface with the documentation server for listing indexed libraries and performing natural language searches.
- [EXTERNAL_DOWNLOADS]: The skill dynamically fetches and executes the @arabold/docs-mcp-server package from the npm registry using npx at runtime. This package originates from the verified author of the skill.
- [PROMPT_INJECTION]: There is an attack surface for indirect prompt injection. 1. Ingestion points: Documentation content snippets are retrieved from the index during search operations. 2. Boundary markers: Output is structured as JSON or YAML, which helps delineate data from instructions. 3. Capability inventory: The skill can execute shell commands via npx as described in SKILL.md. 4. Sanitization: The skill definition does not specify sanitization or filtering of documentation content to prevent embedded instructions from influencing agent behavior.
Audit Metadata