docstore-search
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted document content from the .docstore/ directory.
- Ingestion points: Reads meta.yaml and raw.md files as described in Step 2 and Step 3.
- Boundary markers: Absent. The workflow does not provide delimiters or instructions to ignore embedded commands in the documents.
- Capability inventory: Uses Bash, Read, Grep, and Glob tools for searching.
- Sanitization: Absent. Data is retrieved and displayed without validation or escaping.
Audit Metadata