Skills
skills/vladm3105/aidoc-flow-framework/doc-tspec-fixer/Gen Agent Trust Hub

doc-tspec-fixer

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the sha256sum shell command to compute file hashes for upstream drift detection. This is a standard utility usage within the context of document version control.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its ingestion of SPEC and Audit Report content. Evidence Chain: 1. Ingestion points: SPEC and TSPEC markdown files. 2. Boundary markers: None specified. 3. Capabilities: File writes, directory creation, and shell command execution. 4. Sanitization: No explicit content filtering identified.
  • [DATA_EXPOSURE]: Access and modifications are limited to project documentation directories (e.g., docs/10_TSPEC). No sensitive paths, credentials, or environment variables are targeted.
  • [EXTERNAL_DOWNLOADS]: No remote dependencies or external code downloads were detected; the skill relies on local environment tools and provided templates.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 09:00 AM