troubleshooting-docs
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [Command Execution] (SAFE): The skill uses the Bash tool to perform routine file system operations, such as directory creation (
mkdir -p) and content appending (echo,cat). These operations are confined to thetroubleshooting/knowledge base directory and follow safe patterns like quoted heredocs (<< 'EOF'). - [Indirect Prompt Injection] (SAFE): The skill ingests data from the conversation context to build persistent documentation and pattern libraries. This surface is inherent to its primary purpose of documentation and is mitigated by sanitization requirements and structured templates. (Evidence: 1. Ingestion points: Step 2 extracts context from conversation. 2. Boundary markers: YAML frontmatter and Markdown templates used in Steps 5 and 6. 3. Capability inventory: Bash, Write, Read, Grep. 4. Sanitization: Step 4 specifies the use of 'sanitized-symptom' for filename generation.)
- [Data Exposure] (SAFE): Analysis confirms that the skill only accesses project-specific documentation paths and the current conversation history. It does not attempt to read sensitive system files, environment variables, or hardcoded credentials.
Audit Metadata