sync-docs
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes content from local project files by interpolating them directly into LLM prompts using the @file syntax, making it susceptible to indirect prompt injection if project files contain adversarial instructions.
- Ingestion points: variables.tf, docs/llms.md, kube.tf.example, README.md, locals.tf.
- Boundary markers: Not present.
- Capability inventory: Executes subprocesses via gemini, terraform-docs, terraform, grep, and diff.
- Sanitization: No sanitization or validation of the ingested file content is performed.
- [COMMAND_EXECUTION]: The skill automates its workflow by executing various CLI tools.
- Runs the gemini CLI for variable extraction and content generation.
- Runs terraform-docs to regenerate documentation from Terraform source files.
- Uses standard Unix utilities like grep and diff for file comparison and validation.
- Executes terraform fmt to maintain consistent formatting.
Audit Metadata