wiki-ado-convert
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [Command Execution] (SAFE): The skill requests execution of 'git remote get-url origin' to establish repository context for link preservation. This is a routine read-only operation intended to maintain documentation accuracy.
- [Data Exposure] (SAFE): The generated script reads local markdown files and writes transformed copies to a 'dist/ado-wiki/' directory. No sensitive file paths (e.g., SSH keys, credentials) are accessed, and no network exfiltration logic is present.
- [Remote Code Execution] (SAFE): While the skill generates and suggests the execution of a Node.js script, it explicitly mandates the use of built-in modules only (node:fs/promises, node:path, node:url), which significantly reduces the risk of supply chain attacks or malicious package injection.
- [Indirect Prompt Injection] (LOW): The skill processes untrusted markdown data through the generated script. Evidence Chain: 1. Ingestion points: Local markdown files, README.md, and index.md. 2. Boundary markers: Absent. 3. Capability inventory: 'git remote' execution, directory creation, file read/write (SKILL.md). 4. Sanitization: Static regex-based transformations. The risk is low because the generated script performs deterministic string replacements rather than passing content to an LLM for instruction-following.
Audit Metadata