doc-sectest-fixer
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The file
doc-sectest-fixercontains a file path string (/opt/data/docs_flow_framework/.claude/skills/doc-sectest-fixer) instead of executable scripts or logic code.\n- [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection due to its primary function of processing external data.\n - Ingestion points: The skill processes external markdown reports such as
SECTEST-NN.A_audit_report_vNNN.mdandSECTEST-NN.R_review_report_vNNN.md.\n - Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore embedded commands within the ingested reports.\n
- Capability inventory: The skill performs file read and write operations to generate 'Fixed SECTEST' documents and fix reports.\n
- Sanitization: No evidence of content sanitization, filtering, or validation is present in the provided documentation.
Audit Metadata