Skills
skills/jihunkim0/jk-skills/document-update/Gen Agent Trust Hub

document-update

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it reads and processes data from untrusted repository contents and metadata.
  • Ingestion points: Reads all markdown files in the repository (Step 2), git commit logs (Step 1), and Pull Request body content (Step 8).
  • Boundary markers: Absent. There are no instructions or delimiters defined to distinguish between user instructions and documentation data, nor are there warnings to ignore embedded instructions.
  • Capability inventory: The skill has file-write access, and can execute git commit, git push, and gh pr edit.
  • Sanitization: No sanitization or validation is performed on the ingested documentation content or PR body before the agent processes it.
  • [COMMAND_EXECUTION]: The skill executes shell commands to perform repository management and automation.
  • Evidence: Uses git diff, git log, git commit, git push, gh pr view, and gh pr edit to synchronize files and update the remote repository.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 24, 2026, 11:54 PM