doc-ears-validator
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes a local Python script located at
ai_dev_ssd_flow/03_EARS/scripts/validate_ears.pyto perform validation logic. This is standard operational behavior for a validator utility. - [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by processing user-controlled EARS documents. 1. Ingestion points: User-provided markdown files within the
docs/03_EARS/directory. 2. Boundary markers: No explicit boundary markers or delimiters are defined to isolate untrusted content from agent instructions. 3. Capability inventory: The skill can execute shell commands and interact with the local file system. 4. Sanitization: No sanitization or escaping mechanisms are described for handling the document content before parsing.
Audit Metadata