doc-adr-fixer
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands (
sha256sum) to perform file integrity checks. It extracts file paths from document references (@ref tags) to use as arguments, which introduces a potential command injection risk if source documents contain malicious path strings.- [PROMPT_INJECTION]: An indirect prompt injection surface is present. The skill ingests content from external files like ADRs and Audit Reports and uses this data to drive automated file modifications and content updates. - Ingestion points: Reads data from ADR documents, Audit/Review reports, and upstream BDD/BRD files.
- Boundary markers: There are no markers or instructions to isolate untrusted data from the skill's operational logic.
- Capability inventory: The skill possesses significant file-system permissions, including the ability to create directories (os.makedirs), move files (shutil.move), and overwrite file content (Path.write_text).
- Sanitization: No validation or sanitization of the content extracted from external reports is performed before it is used in file-writing operations.
Audit Metadata