doc-spec-fixer
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the `sha256sum` system utility via a shell pipe to calculate SHA-256 hashes of upstream files during drift detection (Phase 6, FIX-H001).
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it ingests untrusted data from external Review Reports, REQ, and CTR files (documented in Phase 0 and Phase 6). It performs sensitive file system operations such as moving files (`shutil.move`), creating directories (`os.makedirs`), and writing content (`Path.write_text`) based on the data in these files. The skill lacks explicit boundary markers or content sanitization to prevent malicious instructions within the ingested documents from influencing agent behavior.
Audit Metadata