api-documenter
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill executes a local Python script (openapi_validator.py) to validate documentation integrity. This is a legitimate functional requirement for an API documentation tool.
- [PROMPT_INJECTION] (LOW): The skill processes user-provided OpenAPI files which could contain malicious instructions in description fields (Category 8: Indirect Prompt Injection).
  * Ingestion points: Reads docs/openapi.json as part of the validation and documentation process.
  * Boundary markers: Absent. The instructions do not specify delimiters or warnings to ignore instructions within the JSON file.
  * Capability inventory: The agent has the capability to execute a Python subprocess (openapi_validator.py).
  * Sanitization: None detected. The skill assumes the input JSON adheres to the OpenAPI schema without specific filtering for prompt-based attacks.