doc-ctr
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface detected. The skill processes content from multiple upstream documents to generate contract artifacts.
  - Ingestion points: Requirement and design documents located in docs/01_BRD/ through docs/07_REQ/.
  - Boundary markers: Absent; there are no delimiters specified to isolate external document data from agent instructions.
  - Capability inventory: The skill can execute local shell and Python scripts for validation and manage the filesystem via mkdir.
  - Sanitization: Absent; the skill does not specify any sanitization or validation of the text content ingested from upstream layers.
- [COMMAND_EXECUTION]: The skill directs the agent to execute several shell commands and local scripts for workflow management.
  - Evidence: Usage of ls for file verification and mkdir -p for structure setup.
  - Tool Execution: Runs validation tools like yamllint and openapi-spec-validator.
  - Local Framework Scripts: Executes validation scripts including validate_ctr.sh, validate_tags_against_docs.py, and validate_cross_document.py.