ldoc
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill reads and interprets content from the user's project documentation files, which can serve as a vector for indirect prompt injection. A malicious file in the 'docs' directory could potentially influence the agent to perform unintended file movements or Git commits during documentation workflows. Evidence Chain: 1. Ingestion points: Markdown files in the project's docs/ directory. 2. Boundary markers: Absent. 3. Capability inventory: git commit, mv, mkdir, rm (via workflow scripts). 4. Sanitization: Not present.
- Command Execution (SAFE): The skill executes local scripts and standard shell commands (find, rg, yq, lsd). These operations are used to automate documentation management within the project's directory and do not involve remote downloads or unauthorized privilege escalation.
Audit Metadata