eliteforge-tech-doc
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local bash script
scripts/list_doc_and_diagram_sources.shto inventory documentation and diagram files within the current directory. - [DATA_EXFILTRATION]: The skill is designed to read and process potentially sensitive project information, including architecture diagrams, specifications, and design documents. While no external network exfiltration was detected, the skill has broad read access to the local workspace contents.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) due to its core functionality of ingesting and summarizing untrusted external data from the local filesystem.
- Ingestion points: All files matching documentation and diagram extensions (Markdown, PlantUML, Mermaid, etc.) discovered by the indexing script in the execution directory.
- Boundary markers: Absent. The instructions do not provide delimiters or specific 'ignore embedded instructions' warnings when the agent reads the content of discovered files.
- Capability inventory: The skill can read local files, execute a local shell script for discovery, and write technical design summaries back to the filesystem.
- Sanitization: Absent. There is no evidence of filtering or validation of the content read from external documentation files before it is processed by the agent.
Audit Metadata