docs-write
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill instructs the agent to execute `yarn prettier --write <file-path>`. This is a benign command used for standard code/markdown formatting and aligns with the skill's primary purpose. It does not involve downloading untrusted scripts or escalation.
- [Indirect Prompt Injection] (LOW): The skill exhibits an attack surface for indirect prompt injection because it is designed to read, process, and write back to external documentation files.
  - Ingestion points: External markdown/MDX files accessed via `Read`, `Grep`, and `Glob` tools.
  - Boundary markers: Absent; there are no specific instructions to the agent to treat content within documentation files as untrusted or to ignore embedded instructions.
  - Capability inventory: The skill has `Write` and `Bash` capabilities, allowing it to modify files and run local shell commands.
  - Sanitization: No sanitization or validation of input file content is performed before processing or formatting.
Audit Metadata