Skills
skills/jim60105/copilot-prompt/create-new-wiki-page/Gen Agent Trust Hub

create-new-wiki-page

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the command tree . /f using pwsh (PowerShell) to enumerate the file system and map the project's documentation structure.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted data from existing local project documentation (e.g., folders for requirements and standards) and user-provided input.
  • Ingestion points: Reads files from folders like 設計文件, 功能需求, and 標準規範, plus user input from ${input:what-to-write-in-this-page}.
  • Boundary markers: None identified; instructions do not specify delimiters or warnings to ignore embedded content.
  • Capability inventory: Performs file system reads, file system writes (updating .order and markdown files), and Git commits.
  • Sanitization: No sanitization or validation steps are defined for the content processed from external documents.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 16, 2026, 12:21 AM