Skills
skills/ggprompts/my-plugins/docs-seeker/Gen Agent Trust Hub

docs-seeker

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection from processed documentation and source code.
  • Ingestion points: Documentation pages, llms.txt files, and repository contents packed by Repomix (repomix-output.xml).
  • Boundary markers: Absent. No specific instructions to treat documentation content as untrusted or to use delimiters.
  • Capability inventory: Shell access (git, npm, repomix), sub-agent spawning (Task: Explore/Researcher), and network access (WebSearch, WebFetch).
  • Sanitization: Absent. The skill does not describe any filtering or escaping of content before processing.
  • [COMMAND_EXECUTION]: Executes shell commands for tool management and repository operations.
  • Evidence: Installs the 'repomix' package globally (npm install -g repomix).
  • Evidence: Clones external repositories (git clone) into the local file system (/tmp/docs-analysis).
  • [EXTERNAL_DOWNLOADS]: Automatically retrieves documentation and repository data from external sources.
  • Evidence: Fetches llms.txt files and documentation pages from various web domains.
  • Evidence: Clones repositories based on search results for library names.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 14, 2026, 04:34 AM