learned-docs
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions direct the agent to utilize standard CLI tools for documentation maintenance, specifically
git mvfor reorganizing files,grepfor finding cross-references, andmake fast-cifor validating markdown formatting and frontmatter integrity. It also uses a project-specific toolerkto synchronize generated index files from source metadata. These operations are consistent with the skill's primary purpose of documentation management within a development environment.\n- [PROMPT_INJECTION]: The skill implements a system of 'tripwires' and 'read_when' conditions defined in YAML frontmatter to influence agent behavior and navigation. This represents an indirect prompt injection surface where documentation content can trigger specific agent actions or warnings. \n - Ingestion points: Markdown documentation files located in
docs/learned/.\n - Boundary markers: Uses standard YAML frontmatter delimiters (
---).\n - Capability inventory: File relocation (
git mv), searching (grep), and local script execution (make,erk).\n - Sanitization: The skill incorporates a validation step via
make fast-cito ensure frontmatter syntax and markdown formatting adhere to project standards.
Audit Metadata