doc-generator

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Tags: REMOTE_CODE_EXECUTION, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill ingests untrusted docstrings and comments from Python files without sanitization, so attacker-authored text inside a documented file reaches the model as if it were part of the task. Evidence: (1) ingestion points: Python source files (via the 'parse Python files' instruction); (2) boundary markers: absent; (3) capability inventory: code execution via 'inspect' and file system access; (4) sanitization: absent.
  • Remote Code Execution (HIGH): The instructions recommend using the 'inspect' module for runtime introspection. 'inspect' operates on live objects, so documenting a module this way requires importing it first, and importing a Python file executes all of its top-level code (module-level statements, decorators, class bodies). If the files being documented are untrusted, whoever controls them gets arbitrary code execution in the skill's process. Static parsing with the 'ast' module yields the same docstrings without executing anything.
  • Command Execution (MEDIUM): The skill performs file system operations (pathlib) on user-controlled file paths, and those same paths feed the introspection step above, so a crafted path steers both which files are read and which code is imported and run.
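The Remote Code Execution finding above turns on one fact: 'inspect' needs an imported module, and import runs the file. The following is an added example, not code from the doc-generator skill or from the auditor, that shows the two extraction strategies side by side on a constructed untrusted file. The sample module's top-level code writes a marker file (a benign stand-in for an attacker's payload, assumed here for illustration); the 'ast'-based extractor returns the docstrings without creating it, the 'inspect'-based one creates it before returning anything. The function names `extract_docstrings_static`, `extract_docstrings_dynamic` and `demo` are this example's own.

```python
"""Added example: static (ast) vs. dynamic (import + inspect) docstring extraction."""
import ast
import importlib.util
import inspect
import tempfile
import textwrap
from pathlib import Path

# Constructed sample input: a Python file with a side effect at module level.
# Creating a marker file stands in for anything attacker-controlled code could
# do at import time (network calls, credential theft, writing to ~/.bashrc, ...).
UNTRUSTED_SOURCE = textwrap.dedent('''
    """Module docstring that the generator wants to document."""
    import pathlib

    # Runs on import. An attacker's payload would go here.
    pathlib.Path(__file__).with_name("IMPORTED_MARKER").write_text("ran")

    def helper(x):
        """Return x doubled."""
        return x * 2

    class Widget:
        """A documented class."""
        def method(self):
            """A documented method."""
''')


def extract_docstrings_static(path):
    """Parse the file into an AST; no statement in it is executed."""
    tree = ast.parse(Path(path).read_text(), filename=str(path))
    docs = {"<module>": ast.get_docstring(tree)}
    for node in ast.walk(tree):  # walks nested defs too, e.g. Widget.method
        if isinstance(node, (ast.FunctionDef, ast.AsyncFunctionDef, ast.ClassDef)):
            docs[node.name] = ast.get_docstring(node)
    return docs


def extract_docstrings_dynamic(path):
    """Import the file so 'inspect' has live objects; all top-level code runs."""
    spec = importlib.util.spec_from_file_location("untrusted_mod", path)
    module = importlib.util.module_from_spec(spec)
    spec.loader.exec_module(module)  # arbitrary code from the file executes here
    docs = {"<module>": inspect.getdoc(module)}
    is_def = lambda o: inspect.isfunction(o) or inspect.isclass(o)
    for name, obj in inspect.getmembers(module, is_def):
        docs[name] = inspect.getdoc(obj)
    return docs


def demo():
    """Run both extractors on the same file and report whether each executed it."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp) / "untrusted.py"
        src.write_text(UNTRUSTED_SOURCE)
        marker = Path(tmp) / "IMPORTED_MARKER"

        static_docs = extract_docstrings_static(src)
        static_ran_code = marker.exists()  # False: ast.parse never executes

        dynamic_docs = extract_docstrings_dynamic(src)
        dynamic_ran_code = marker.exists()  # True: exec_module ran the payload

    return {
        "static": static_docs,
        "dynamic": dynamic_docs,
        "static_ran_code": static_ran_code,
        "dynamic_ran_code": dynamic_ran_code,
    }


if __name__ == "__main__":
    result = demo()
    print("static extractor executed the file:", result["static_ran_code"])
    print("dynamic extractor executed the file:", result["dynamic_ran_code"])
    print("docstrings (static):", result["static"])
```

Both extractors recover the same module, function and class docstrings, which is the point: for a documentation generator the static path loses nothing of value, and it is the only one that is safe to run over files the skill's user did not write. Note that a skill using `ast` still ingests untrusted docstring text, so the separate Indirect Prompt Injection finding remains.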
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 06:46 AM