doc-ctr-autopilot
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes basic shell commands and local scripts for workflow management.
  - Evidence includes `ls docs/08_CTR/CTR-{NN}_*/` for file existence checks during document detection.
  - The workflow executes a local Python script `ai_dev_flow/scripts/update_traceability_matrix.py` to maintain project documentation integrity.
- [INDIRECT_PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing external documentation content.
  - Ingestion points: Reads requirement documents from `docs/07_REQ/REQ-*.md` for contract generation.
  - Boundary markers: None explicitly defined to separate untrusted content from instruction logic.
  - Capability inventory: Performs file system reads and writes in `docs/` directories, and executes subprocesses via shell and Python.
  - Sanitization: No explicit sanitization or validation of input document content is described prior to processing.
- [DATA_EXFILTRATION]: File access patterns are restricted to specific project documentation paths (`docs/07_REQ/`, `docs/08_CTR/`, `governance/plans/`). There is no evidence of network-based exfiltration or access to sensitive system paths.
Audit Metadata