wiki-llms-txt
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes
git remote get-url originandgit rev-parseto resolve repository metadata. - [PROMPT_INJECTION]: The skill creates a consolidated documentation file which facilitates indirect prompt injection by aggregating potentially untrusted content. * Ingestion points: Markdown files in the local repository and wiki directory. * Boundary markers: Content is delimited using
<doc>tags with title and path attributes. * Capability inventory: Local file system read/write and execution of git commands. * Sanitization: The skill strips YAML frontmatter but does not filter or sanitize page content for embedded instructions.
Audit Metadata