Skills
skills/iliaal/ai-skills/compound-docs/Gen Agent Trust Hub

compound-docs

Pass

Audited by Gen Agent Trust Hub on May 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs shell command execution to manage the documentation lifecycle.
  • Executes scripts/validate-frontmatter.sh to validate YAML headers against a schema.
  • Uses grep to search existing documentation for similar issues.
  • Uses mkdir -p, echo, and cat to create and update files in the docs/solutions/ directory.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection due to the way it processes and stores conversation content.
  • Ingestion points: Extracts module names, error messages, and investigation details from the conversation history in references/documentation-process.md (Step 2).
  • Boundary markers: Content is interpolated into documentation templates without explicit boundary markers or instructions to disregard potential commands in the source data.
  • Capability inventory: The workflow involves file-write capabilities (echo, cat) and local script execution (bash).
  • Sanitization: Filenames are sanitized for length and special characters; YAML metadata is validated using a regex-based bash script.
Audit Metadata
Risk Level
SAFE
Analyzed
May 2, 2026, 04:45 PM