mintlify
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute several CLI commands for documentation management, including
mint dev,mint broken-links,mint a11y,mint rename, andmint validate. These are standard operations for the Mintlify ecosystem. - [EXTERNAL_DOWNLOADS]: The skill directs the installation of external software through global NPM packages, specifically
mintand@mintlify/scraping. These are official tools provided by the vendor. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it is designed to ingest and process data from the local file system that could be controlled by an external actor.
- Ingestion points: The agent is instructed to read
docs/docs.jsonand various*.mdxfiles within thedocs/directory to understand project structure and content conventions. - Boundary markers: The skill does not define explicit boundary markers or instructions to ignore embedded commands within the files it reads.
- Capability inventory: The agent has the capability to execute shell commands (Mintlify CLI), modify the file system (renaming files, updating navigation), and potentially influence deployment configurations.
- Sanitization: There are no mentioned sanitization or validation steps for the content read from the documentation files before it is processed by the agent.
Audit Metadata