wiki-sync
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses standard filesystem commands like
mkdir,cp, andrm, along with a specialized CLI toolgh-manager, to manage wiki content. This is standard behavior for a synchronization tool. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes repository content to generate wiki pages. • Ingestion points: Reads from
docs/,README.md, and source code (SKILL.md). • Boundary markers: No specific delimiters are used to isolate untrusted content (SKILL.md). • Capability inventory: Can modify files and push to a remote wiki (SKILL.md). • Sanitization: Lacks sanitization for embedded instructions (SKILL.md).
Audit Metadata