documentation-build
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands using make to perform build tasks such as make html and make clean.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by executing logic from untrusted files in the repository.
- Ingestion points: The documentation directory and Makefile within the target repository (SKILL.md).
- Boundary markers: Absent; the skill does not explicitly warn the agent to ignore potentially malicious instructions embedded in the build configuration.
- Capability inventory: Full shell execution of make targets (SKILL.md).
- Sanitization: Absent; the skill checks if a target exists before running but does not inspect the command defined by that target.
Audit Metadata