doc-utest-autopilot

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is designed to run local validation scripts and orchestrate other automation skills. Evidence includes references to ai_dev_ssd_flow/10_TSPEC/scripts/validate_utest.py and the execution of doc-utest-audit and doc-utest-fixer as part of its internal orchestration flow.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it ingests and acts upon content from external files that may be controlled by different actors.
      • Ingestion points: The skill reads from paths specified in --ref or --iplan arguments, as well as documents like REQ-NN, SPEC-NN, and CTR-NN.
      • Boundary markers: There are no instructions in the skill to treat these documents as untrusted or to use delimiters to prevent embedded instructions from overriding agent behavior.
      • Capability inventory: The agent can write files (audit and fix reports) and trigger further automation steps (audit-fix loops) based on the content of the processed documents.
      • Sanitization: No sanitization or validation logic is present to filter potentially malicious instructions within the ingested documentation artifacts.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 7, 2026, 04:26 AM