docs-update
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes content from documentation files that may be influenced by external contributors.
- Ingestion points: Reads markdown files from
$JAAN_DOCS_DIR,$JAAN_TEMPLATES_DIR, and$JAAN_LEARN_DIRfor analysis and consolidation. - Boundary markers: The instructions do not define clear delimiters or specific instructions for the agent to disregard potentially malicious instructions embedded within the documentation it is auditing.
- Capability inventory: The skill possesses significant capabilities including the ability to write to documentation and output directories, edit plugin configuration (
jaan-to/config/settings.yaml), and execute Git commands (add,commit,log,mv). - Sanitization: There is no explicit logic to sanitize or escape documentation content before it is parsed or merged during the 'Consolidate Duplicates' phase.
Audit Metadata