up-wiki

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes git diff and git log commands to retrieve the recent history of the repository for documentation context. This pattern is essential for the skill's primary purpose but involves the execution of shell commands on the local system.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests data from external sources (git logs, diffs, and project documentation) that could contain malicious instructions designed to influence the agent's behavior.
      • Ingestion points: Git history (git log, git diff), project documentation (CLAUDE.md), and existing wiki pages via the mcp-outline search and read tools.
      • Boundary markers: Absent; there are no instructions or delimiters used to separate user-provided data from agent instructions, nor are there warnings to ignore embedded commands.
      • Capability inventory: The skill has access to the Bash tool and a full suite of mcp-outline tools for wiki interaction, including creating and updating documents.
      • Sanitization: Absent; data retrieved from the repository is used directly to draft and apply documentation updates without any filtering or validation.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 15, 2026, 08:29 AM