doc-brd-fixer
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local system utilities like
sha256sumandgrepto perform hash validation and drift detection. It also invokes a project-specific script,validate_brd_wrapper.sh, for structural compliance checks.\n- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes external data to drive document modifications.\n - Ingestion points: The skill reads from audit reports (
BRD-NN.A_audit_report_vNNN.md) and upstream documents to identify required fixes and determine if a document should be archived or regenerated.\n - Boundary markers: No explicit delimiters or boundary markers are used to isolate ingested data from the skill's internal logic, creating a risk that malicious data in a report could influence agent behavior.\n
- Capability inventory: The skill is capable of creating, moving, and writing to files on the local filesystem, as well as executing a local shell-based validation wrapper.\n
- Sanitization: There is no evidence of sanitization or content validation for the data extracted from audit reports before it is used to modify documents or transition between fix phases.
Audit Metadata