compound-docs

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION] (MEDIUM): The skill calls a local script ./scripts/log-skill.sh with the current PID. Since the script source is not provided, its actions cannot be fully verified.
  • [PROMPT_INJECTION] (MEDIUM): The skill exposes a surface for indirect prompt injection.
      1. Ingestion points: Reads the contents of files within docs/solutions/ using grep and ls.
      2. Boundary markers: Absent; the skill does not wrap processed content in delimiters.
      3. Capability inventory: Includes file modification and execution of the logging script.
      4. Sanitization: Absent; the agent is instructed to format and promote found patterns into critical documentation, which could lead to persistent malicious instructions in the solution database.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 12:33 AM