build-index
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses user-provided arguments (config_name and version) to construct file paths within shell commands such as 'find', 'du', and 'cat'. This pattern poses a risk of command injection or path traversal if the arguments are not properly sanitized by the agent before execution.
- [PROMPT_INJECTION]: The skill processes untrusted markdown files to extract keywords for a documentation index. This creates an indirect prompt injection surface where malicious content in source files could influence downstream agent behavior.
- Ingestion points: Documentation files (.md, .mdx) located in the 'contents/' directory within 'vault/packages/{config_name}/{version}/'.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are used when reading or processing the files.
- Capability inventory: The skill performs file system reads, directory discovery using 'find', and disk usage analysis with 'du'.
- Sanitization: There is no evidence of sanitization or validation of the extracted keywords or the input arguments used in shell commands.
Audit Metadata