wiki-ado-convert
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill instructs the agent to run
git remote get-url originto resolve repository context for link preservation. - [PROMPT_INJECTION] (LOW): There is a surface for indirect prompt injection as the skill processes untrusted markdown files from the repository. Ingestion points: Markdown files in the local workspace. Boundary markers: None provided for separating markdown content from instructions. Capability inventory: File system read/write and directory creation via a generated script. Sanitization: The skill performs regex-based transformations but lacks specific sanitization for agent-specific instructions.
Audit Metadata