docs-check
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill executes a local bash script at
skills/docs-check/scripts/check-docs.shto analyze code changes. This is expected behavior for its stated purpose. - [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The tool processes potentially untrusted data from git diffs. 1. Ingestion points: git diff output. 2. Boundary markers: Absent. 3. Capability inventory: Local bash script execution and reading of markdown documentation guides. 4. Sanitization: No sanitization of ingested diff content is documented or performed before processing.
Audit Metadata