clawd-docs-v2
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands like 'ls', 'cat', and 'grep' to query and read documentation files located in '~/clawd/data/docs-snippets/'. This behavior is expected for its local caching mechanism and is restricted to its own data directory.
- [EXTERNAL_DOWNLOADS]: The skill performs web fetches from 'https://docs.clawd.bot/' to retrieve markdown documentation. This domain is the official documentation site for the skill and is treated as a vendor-owned resource.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface due to its ingestion of external and cached markdown content. This is a common characteristic of documentation-retrieval skills. Ingestion points: Fetches from 'https://docs.clawd.bot/' and reads from '~/clawd/data/docs-snippets/'. Boundary markers: None explicitly defined in the provided file. Capability inventory: Limited to file reading and web fetching. Sanitization: Content is fetched and processed as markdown without explicit validation layers, though this is expected for documentation purposes.
Audit Metadata