sync-docs

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Categories: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION] (HIGH): The skill is susceptible to Indirect Prompt Injection. It processes potentially untrusted content from source code to generate documentation while possessing filesystem write capabilities.
      • Ingestion points: The skill reads code files from src/main/, src/renderer/, src/shared/, and src/features/, as well as existing documentation files in docs/features/ via head and view_file.
      • Boundary markers: Absent. There are no instructions to the agent to disregard instructions that might be embedded in the code comments or file contents it is processing.
      • Capability inventory: Uses replace_file_content and write_to_file. An attacker could embed instructions in a source file that trick the agent into overwriting or deleting other sensitive files when the 'sync' process runs.
      • Sanitization: Absent. Content is interpolated directly into templates without validation.
  • [COMMAND_EXECUTION] (LOW): The process explicitly uses shell commands ls and head to list and read documentation files. While these are read-only operations on localized paths, they represent direct shell interaction.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 03:39 AM