Skills
skills/existential-birds/beagle/ensure-docs/Gen Agent Trust Hub

ensure-docs

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands including find, grep, and ls to identify project languages and frameworks during the detection phase.
  • [COMMAND_EXECUTION]: It invokes external verification tools and linters such as ruff, pydocstyle, npx eslint, and staticcheck to validate documentation standards.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection (Category 8) risks because it reads and processes local source code files to generate documentation.
  • Ingestion points: Code content from .py, .ts, .js, and .go files is read and passed to documentation agents in the verification and generation phases.
  • Boundary markers: The agent prompt templates in references/workflow.md do not utilize explicit delimiters or instructions to ignore embedded commands within the ingested code.
  • Capability inventory: The skill has access to the Edit tool for writing files, the Task tool for spawning sub-agents, and a shell environment for executing system commands.
  • Sanitization: There is no evidence of content sanitization or validation performed on the source code before it is interpreted by the language-specific agents.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 05:56 PM