doc
Pass
Audited by Gen Agent Trust Hub on May 24, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The 'SKILL.md' file uses strong imperative language ("YOU MUST EXECUTE THIS WORKFLOW. Do not just describe it.") to ensure the agent follows the specified documentation generation process.- [COMMAND_EXECUTION]: The skill uses various shell commands including 'ls', 'grep', 'cat', and 'wc' to perform code analysis and coverage calculations. It also instructs the agent to use external command-line tools such as 'gh' (GitHub CLI), 'oc' (OpenShift), and 'bd' (Beads CLI) for status validation and issue tracking.- [REMOTE_CODE_EXECUTION]: The skill documentation and reference files mention the execution of local scripts that are not included in the provided package, such as './scripts/scaffold-report.py' and '~/.claude/scripts/doc-validate.py'.- [PROMPT_INJECTION]: Indirect Prompt Injection Surface:
- Ingestion points: The skill reads project source code, READMEs, and existing documentation files through 'grep', 'cat', and 'ls' as part of the 'discover' and 'gen' workflows.
- Boundary markers: Absent. The skill does not provide the agent with specific delimiters or instructions to treat codebase content as potentially malicious data.
- Capability inventory: The skill requires file system read/write access and the ability to execute shell commands and Python scripts to perform its primary function.
- Sanitization: Absent. There is no evidence of filtering or sanitizing content read from the codebase before it is incorporated into generated reports and files.
Audit Metadata