azure-wiki-generator

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill utilizes shell commands including git clone, git add, git commit, and git push. These commands are consistent with the skill's stated purpose but provide the agent with the capability to modify external repository state.
  • [PROMPT_INJECTION] (MEDIUM): The skill lacks safeguards against indirect prompt injection, which is a risk when processing external data for documentation.
      • Ingestion points: The skill is designed to take external documentation content and format it into Markdown files.
      • Boundary markers: No explicit delimiters or warnings are used to separate user-provided content from the formatting and command logic.
      • Capability inventory: High-impact 'write' capability to an external system via git push in SKILL.md.
      • Sanitization: External content is directly written to files using shell heredocs (cat > API-Reference.md << 'WIKI') without any validation or escaping.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 16, 2026, 12:28 PM