Skills
skills/vladm3105/aidoc-flow-framework/doc-adr-reviewer/Gen Agent Trust Hub

doc-adr-reviewer

Warn

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill explicitly instructs the agent to execute bash commands (sha256sum <file_path> | cut -d' ' -f1 and grep) for hash calculation and cache verification. These commands use file paths extracted dynamically from document content.
  • [PROMPT_INJECTION]: This skill is vulnerable to Indirect Prompt Injection (Category 8).
  • Ingestion points: ADR files in docs/05_ADR/, BDD feature files in ../04_BDD/, and the .drift_cache.json file.
  • Boundary markers: None identified in the prompt instructions to isolate untrusted content from the commands.
  • Capability inventory: The skill has the capability to execute shell commands, read/write local files (reports, cache), and calculate cryptographic hashes.
  • Sanitization: There is no mention of path sanitization or validation for the extracted upstream references before they are passed to the bash shell, which could lead to command injection via malicious filenames or path traversal.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 1, 2026, 08:50 AM