analyze-documents
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: No malicious code, obfuscation, or unauthorized network activity was detected. The skill's functionality is consistent with its stated purpose of document analysis and summarization.
- [COMMAND_EXECUTION]: The skill uses standard shell utilities such as
lsorfindto list files in a local directory. This is a legitimate and expected use of system commands for the task of identifying documents to analyze. - [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it reads and summarizes content from external documents. 1. Ingestion points: Files in the target directory (e.g.,
docs/). 2. Boundary markers: The instructions do not specify any delimiters or warnings to ignore instructions embedded within the document content. 3. Capability inventory: The agent has the ability to list files and read content, but no high-risk capabilities like network access or arbitrary code execution are specified in this skill. 4. Sanitization: No explicit sanitization or filtering of the ingested document content is mentioned.
Audit Metadata