agent-wiki
Warn
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands including
git init,git submodule add, andgit pushto manage the documentation lifecycle, and runs a local script withnodefor PDF processing. - [CREDENTIALS_UNSAFE]: Documentation in
workflow/update-mode.mdandevals/evals.jsonshows the skill attempts to read Git authentication credentials from the local file path~/.config/agent-wiki/credentials. - [EXTERNAL_DOWNLOADS]: The skill triggers the installation of the
pdf-parselibrary from the official npm registry to enable PDF text extraction functionality. - [PROMPT_INJECTION]: The skill processes unstructured data from external sources such as RFPs and meeting notes, which creates a surface for indirect prompt injection where malicious instructions could be embedded in the source documents.
Audit Metadata