Skills
skills/influxdata/docs-v2/content-editing/Gen Agent Trust Hub

content-editing

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it reads and processes markdown documentation files that could contain malicious instructions.
  • Ingestion points: The skill reads files from the content/ directory and referenced draft paths, as seen in the programmatic detection script using fs.readFileSync and the docs create command.
  • Boundary markers: No specific delimiters or warnings to ignore embedded instructions are provided in the instructions for the agent when processing these files.
  • Capability inventory: The skill allows for significant local command execution including yarn hugo, yarn test:links, node cypress/support/run-e2e-specs.js, and the docs CLI tool suite.
  • Sanitization: There is no evidence of sanitization or validation of the content read from markdown files before it is processed or used to inform subsequent actions.
  • [COMMAND_EXECUTION]: The skill facilitates the execution of various shell commands and scripts which, while standard for a documentation workflow, provide a mechanism that could be abused if the agent is misled by injected content.
  • Evidence: Instructions include running yarn, node, touch, and custom CLI tools like docs edit and docs create to manipulate the local filesystem and build environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 12:15 PM