antithesis-documentation
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and install the 'snouty' CLI tool from the vendor's official GitHub repository (github.com/antithesishq/snouty). It specifically references fetching installation instructions from a raw README file on the same repository.
- [COMMAND_EXECUTION]: The skill utilizes shell commands via the 'snouty' CLI to explore, search, and display documentation content. This includes commands like 'snouty docs tree', 'snouty docs search', and 'snouty docs show'.
- [DATA_EXFILTRATION]: The skill performs network operations to fetch markdown documentation from the author's official domain (antithesis.com). These requests are used to retrieve documentation pages and an index file (llms.txt).
- [PROMPT_INJECTION]: The skill processes untrusted external data by ingesting documentation content from both the web and CLI output, which creates a surface for indirect prompt injection.
- Ingestion points: Documentation markdown files retrieved from 'https://antithesis.com/docs/' and text output from the 'snouty docs show' command.
- Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the retrieved documentation.
- Capability inventory: The agent can execute shell commands through the 'snouty' tool and perform network requests to retrieve external files.
- Sanitization: No explicit sanitization, validation, or filtering of the retrieved documentation content is mentioned before it is processed by the agent.
Audit Metadata