doc-sync
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes standard system commands including
git diff,find, andsedto identify modified files and extract metadata. It also provides an optional pre-commit hook script for local automation, which is a standard developer practice and does not involve malicious persistence. - [DATA_EXFILTRATION]: Data operations are strictly confined to the local filesystem (reading from
.claude/and writing todocs/workflow/) and an internal PostgreSQL database via MCP tools. No network activity to external or untrusted domains was identified. - [PROMPT_INJECTION]: No direct prompt injection patterns, safety bypasses, or instructions to override agent behavior were detected in the skill documentation.
- [PROMPT_INJECTION]: Indirect Prompt Injection Analysis
- Ingestion points: The skill reads content from local
.agent.mdand.mdfiles and queries metadata from a PostgreSQL database. - Boundary markers: Metadata is parsed using YAML delimiters (
---) and specific filename patterns. - Capability inventory: The execution environment utilizes
Read,Write,Edit, andBashtools to update documentation files and generate reports. - Sanitization: The process includes YAML frontmatter validation and Mermaid diagram syntax checking to ensure the integrity of the processed data.
- [REMOTE_CODE_EXECUTION]: The skill does not download or execute code from remote sources. It relies on local scripts and predefined MCP tools for its operations.
Audit Metadata