docs-updater

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFE [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to perform git operations, file system checks, and content manipulation. It executes commands such as git log, git diff, and sed to extract information for documentation updates.
  • [PROMPT_INJECTION]: The skill processes untrusted input from git commit messages and file changes. A malicious contributor could craft commit messages containing instructions designed to manipulate the documentation generated by the AI.
      • Ingestion points: Untrusted data enters the context via git log output and git diff results from the local repository.
      • Boundary markers: The instructions do not define clear delimiters or include warnings to ignore instructions embedded within the processed git data.
      • Capability inventory: The skill has the ability to read and modify files using Read, Write, Edit, and Bash tools.
      • Sanitization: There is no automated sanitization of the input data; however, the skill includes a mandatory human-in-the-loop review step using AskUserQuestion before changes are applied.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 12, 2026, 01:06 AM