ln-614-docs-fact-checker

Fail

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: HIGH | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill constructs and executes shell commands using variables derived from untrusted project documentation. As documented in references/claim_extraction_rules.md, values such as $path, $VAR, $name, $file, and $line are interpolated into shell utilities including ls, grep, and sed. This behavior creates a risk of command injection if the source documentation contains shell metacharacters.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection attack surface.
      • Ingestion points: Documentation files (.md) across the entire project.
      • Boundary markers: Not utilized.
      • Capability inventory: Shell command execution via the Bash tool and file system access via Read, Grep, and Glob.
      • Sanitization: No evidence of sanitization or input validation for extracted claim values prior to their use in system commands.
  • [EXTERNAL_DOWNLOADS]: The file diagram.html fetches the mermaid.min.js library from cdn.jsdelivr.net, which is a well-known and established content delivery network.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 8, 2026, 04:50 PM