doc-ears-audit
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by design, as its primary purpose is to process and audit untrusted external data (EARS documentation files).
  - Ingestion points: Reads EARS requirement files from local paths (e.g., docs/03_EARS/...).
  - Boundary markers: The execution contract does not specify the use of delimiters or 'ignore embedded instructions' markers when passing documentation content to sub-skills.
  - Capability inventory: The skill orchestrates other local skills (doc-ears-validator, doc-ears-reviewer, doc-ears-fixer) and performs file-write operations to save audit reports.
  - Sanitization: No explicit sanitization or filtering of the content within the EARS files is documented prior to processing.
Audit Metadata