clawd-docs-v2
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes standard shell commands (`ls`, `cat`, `grep`, `head`) to manage and read its local documentation cache and search index. These operations are restricted to the `~/clawd/data/` directory and are used for legitimate caching purposes.
- [EXTERNAL_DOWNLOADS] (SAFE): Content is retrieved from `https://docs.clawd.bot/` via the `web_fetch` tool. The downloads are limited to documentation in markdown format from a domain specific to the tool's purpose.
- [DATA_EXFILTRATION] (SAFE): Analysis of the fetch and read patterns shows no attempts to access or transmit sensitive system files or credentials. Network activity is limited to the documentation server.
- [PROMPT_INJECTION] (SAFE): No instructions designed to bypass safety filters, extract system prompts, or override agent behavior were found.
- [Indirect Prompt Injection] (SAFE): Evaluation of the attack surface:
  - Ingestion points: Data is ingested through `web_fetch` from the documentation URL and `cat` from the local snippet cache.
  - Boundary markers: None present; the agent is not explicitly instructed to disregard instructions found within the documentation content.
  - Capability inventory: Includes shell commands (`ls`, `cat`, `grep`, `head`) and the `web_fetch` tool.
  - Sanitization: Absent; paths are constructed using string interpolation.
  - Risk Assessment: The risk is minimal as the data source is a specific, presumably trusted documentation domain.
Audit Metadata