doc-ctr-fixer
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill incorporates Python logic and shell commands to manage local files and directories.
  - Evidence: Employs 'os.makedirs' and 'shutil.move' for restructuring document folders.
  - Evidence: Uses 'Path.write_text' to update document contents and links.
  - Evidence: References the execution of the 'sha256sum' shell command to verify the integrity of upstream artifacts.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection vulnerability due to the way it handles external data.
  - Ingestion points: The skill ingests data from review reports (e.g., 'CTR-NN-SSS.R_review_report_vNNN.md') and upstream requirement documents.
  - Boundary markers: There are no explicit delimiters or instructions to the agent to disregard embedded commands within the ingested files.
  - Capability inventory: The skill has extensive file system capabilities, including creating, moving, and writing to files within the 'docs/' directory.
  - Sanitization: No sanitization or validation of paths and content extracted from external reports is implemented before performing file system operations.
Audit Metadata