gap-analysis
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill's primary function involves ingesting and analyzing untrusted external data from documentation files and source code repositories.
  - Ingestion points: Source code and documentation directories processed by `scripts/analyze-gaps.sh` and `scripts/compare-docs-code.sh`.
  - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the provided analysis scripts.
  - Capability inventory: The skill executes shell commands (`find`, `wc`, `cat`) and writes analysis results to files.
  - Sanitization: Path validation is implemented in `scripts/generate-report.sh` to prevent directory traversal, but the content of ingested files is not sanitized for potential malicious instructions.
- [COMMAND_EXECUTION]: The skill uses multiple bash scripts (`scripts/analyze-gaps.sh`, `scripts/compare-docs-code.sh`, `scripts/generate-report.sh`) to automate analysis tasks. These scripts employ shell variable quoting to mitigate standard command injection risks during directory scanning and file processing.
Audit Metadata