linear-walkthrough
Pass
Audited by Gen Agent Trust Hub on Jul 11, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill references an external technical blog for context, which is a common and safe practice for providing instructional background.
- [PROMPT_INJECTION]: The skill processes untrusted external data such as source code, product documents, and meeting notes (Ingestion points: Intake section). It does not define specific boundary markers for this data (Boundary markers: absent) or include instructions for sanitizing or escaping the content (Sanitization: absent). While this represents a surface for indirect prompt injection, the risk is limited by the skill's focus on document generation using tools like file-reading and shell commands (Capability inventory: Intake section).
- [COMMAND_EXECUTION]: The skill instructs the agent to use shell commands like
catandgrepas secondary methods for reading source material if primary tools are not available. This is a standard capability for technical agents and is used here solely for information retrieval.
Audit Metadata