docs-quality
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local bash script (
scripts/docs_qc.sh) to perform structural linting and quality checks on documentation files. The script uses standard system utilities such asfind,ripgrep(rg), andwcto verify frontmatter, identify potential parsing issues in Markdown tables, and check for appropriate headings in diagrams. The script performs read-only operations and does not access external networks. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to ingest and process content from the repository that may be controlled by third parties (e.g., documentation files or source code from pull requests).
- Ingestion points: The skill reads multiple files, including
docs/*.mdx,src/types.ts,schema/isol8.config.schema.json, and general source files undersrc/to gather context. - Boundary markers: There are no explicit delimiters or system instructions defined in the workflow to prevent the agent from following malicious instructions embedded within the processed documentation or code files.
- Capability inventory: The agent has the capability to execute the local
docs_qc.shscript and is expected to modify or create documentation files based on the ingested content. - Sanitization: The skill does not implement any validation, escaping, or filtering of the ingested content before it is processed by the AI agent.
Audit Metadata