wiki-ado-convert
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run
git remote get-url originto identify the source repository URL, which is used to preserve linked citations in the converted documentation. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it is designed to ingest and process untrusted markdown files from a local repository.
- Ingestion points: The generated Node.js script (scripts/build-ado-wiki.js) reads documentation files from the local filesystem using
node:fs/promises. - Boundary markers: The script does not implement boundary markers or instructions to ignore embedded commands within the processed markdown files.
- Capability inventory: The generated script possesses filesystem capabilities, including the ability to read and write files (
readFile,writeFile) and create directories (mkdir). - Sanitization: The script uses regular expressions to transform specific syntax (Mermaid fences, front matter, and links) but does not include general sanitization or validation of the overall content of the markdown files.
Audit Metadata