fix-sphix-docs
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill instructs the agent to run `make html` inside a virtual environment. This grants the agent the ability to execute any logic defined in the repository's Makefile.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because it reads and processes Sphinx build logs which may contain untrusted data from the source code.
  1. Ingestion points: Sphinx build output (stdout/stderr).
  2. Boundary markers: Absent.
  3. Capability inventory: Command execution via shell and file system write access.
  4. Sanitization: None identified; the agent treats build errors as direct instructions for modification.
Audit Metadata