docs-discovery

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill retrieves documentation from external URLs discovered via web search. This external content is processed by the agent to answer technical queries, creating a surface for malicious instructions to be ingested.
      • Ingestion points: SKILL.md (Step 3: WebFetch found URLs) and mcp__context7__get-library-docs tool.
      • Boundary markers: Absent. There are no instructions or delimiters defined to help the agent distinguish between documentation text and potential embedded instructions.
      • Capability inventory: The skill possesses the ability to execute shell commands (curl, grep), perform web searches (WebSearch), and fetch arbitrary web content (WebFetch).
      • Sanitization: Absent. Content is fetched and presented to the LLM for reasoning without explicit filtering or escaping of instruction-like patterns.
  • [Command Execution] (LOW): The skill documentation and archived scripts describe the use of shell commands for its primary function.
      • Evidence: README.md and COMPARISON.md suggest using curl and grep for data retrieval. Archived workflows (archive/workflows/repo-analysis.md) describe the use of git clone to download repositories to /tmp/docs-analysis.
  • [External Downloads] (LOW): The skill is designed to interact with external, third-party sites to download llms.txt files and other documentation assets.
      • Evidence: Primary workflow targets https://context7.com/ and URLs found via WebSearch.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:13 PM