trace-check
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell commands including
tarfor creating backups of documentation and runs project-specific Python scripts such asscripts/extract_tags.pyandscripts/validate_tags_against_docs.pyto perform validation tasks. - [PROMPT_INJECTION]: Indirect prompt injection surface identified:
- Ingestion points: The skill scans and parses artifacts and source code in the
docs/,src/, andtests/directories. - Boundary markers: No explicit delimiters or instructions are used to separate untrusted parsed content.
- Capability inventory: The skill has the ability to execute shell commands and write to the local file system.
- Sanitization: There is no mention of sanitizing or validating the extracted content before it is used to generate reports or modify files.
Audit Metadata