doc-tasks-validator

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes command-line instructions to invoke a local Python script, ai_dev_flow/scripts/validate_tasks.py, for document validation. This behavior is consistent with the skill's stated primary purpose as a validation tool.
  • [PROMPT_INJECTION]: The skill demonstrates a surface for indirect prompt injection due to its core function of processing external data.
      • Ingestion points: The skill ingests markdown documents from the docs/11_TASKS/ directory and parses their YAML frontmatter and section content.
      • Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard embedded instructions within the documents being validated.
      • Capability inventory: The skill has the capability to execute a Python script and generate summary reports based on the ingested content.
      • Sanitization: The skill description does not specify any sanitization, escaping, or validation logic to prevent malicious content within the markdown files from influencing the agent's behavior during or after validation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 1, 2026, 09:01 AM