tailwind
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWCOMMAND_EXECUTIONPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes external content stored in the
docs/directory. Since this content is fetched fromsource_url, it could contain malicious instructions (Indirect Prompt Injection) designed to hijack the agent's behavior when retrieved. No specific boundary markers or sanitization logic are defined in the instruction set. - Command Execution (LOW): The skill invokes a local script
scripts/search_docs.pyvia a shell command with a user-provided<query>. This creates a standard attack surface for command injection if the script or the shell wrapper does not correctly sanitize the input query. - No Code (INFO): The functional script
scripts/search_docs.pyand thedocs/content were not provided for review. This analysis is based on the usage patterns described in theSKILL.mdfile.
Audit Metadata