doc-project

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses standard CLI tools (ls, git log, wc) to inspect project structure and history, which is consistent with its documentation management purpose.
  • [COMMAND_EXECUTION]: Executes a local Python script (validate_docs.py) located in the user's home directory to synchronize documentation state.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by ingesting untrusted project files and git logs to generate documentation.
      1. Ingestion points: Codebase structure files (e.g., package.json, Dockerfile) and git commit history.
      2. Boundary markers: No explicit delimiters are used to isolate ingested content.
      3. Capability inventory: The skill can execute local scripts and delegate to other skills with write permissions.
      4. Sanitization: No sanitization of ingested codebase content is performed before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 11, 2026, 10:29 AM