doc-review
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- Unverifiable Dependency (MEDIUM): The skill triggers an external script located at
./scripts/aha-loop/doc-cleaner.sh. As the script's content is not provided, its behavior cannot be verified, posing a risk of arbitrary command execution if the script is compromised or malicious. - External Network Access (LOW): The skill uses
curlto verify external links extracted from documentation. This allows the agent to perform outbound requests to arbitrary URLs found in processed files, including a flagged malicious URL inmain.rs. - Indirect Prompt Injection (LOW): 1. Ingestion points: Reads arbitrary
.mdfiles throughout the repository viafindandgrep. 2. Boundary markers: Absent; the instructions do not define delimiters for content. 3. Capability inventory: File system scanning, network requests viacurl, and execution of a local cleanup script. 4. Sanitization: None; the skill processes raw content, making it vulnerable to embedded instructions in untrusted documentation. - Command Execution (LOW): Utilizes standard system utilities (
find,grep,git) for inventory and staleness checks, which is aligned with the primary purpose of the skill.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata