Skills
skills/vladm3105/aidoc-flow-framework/doc-tasks-reviewer/Gen Agent Trust Hub

doc-tasks-reviewer

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires the execution of bash commands (sha256sum, sed, yq, grep) to calculate hashes for file integrity and extract specific sections from upstream documentation for drift detection purposes.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via the documents it processes. \n
  • Ingestion points: Reads content from docs/11_TASKS/, docs/09_SPEC/, and docs/10_TSPEC/.\n
  • Boundary markers: Absent; there are no explicit delimiters or instructions to ignore potential commands embedded in the analyzed documents.\n
  • Capability inventory: Uses bash shell execution for hashing and parsing (via sha256sum, sed, yq, grep).\n
  • Sanitization: Absent; section anchors and file paths derived from user-controlled documents are interpolated directly into bash command strings, which could theoretically be exploited if document content is maliciously crafted to break out of the shell context.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 08:53 AM