eliteforge-tech-doc
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local shell script located at
scripts/list_doc_and_diagram_sources.sh. This script uses thefindcommand to inventory documentation and diagram files within the current directory for the agent to process. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it is designed to read and interpret the contents of various files (Markdown, text, etc.) in the user's directory. If these files contain adversarial instructions, they could influence the agent's behavior during the summarization process.
- Ingestion points: Files detected by
scripts/list_doc_and_diagram_sources.share read by the agent as instructed inSKILL.md(Step 2). - Boundary markers: None identified; instructions do not specify the use of delimiters or 'ignore' instructions for the content of the files being read.
- Capability inventory: The skill can execute a local shell script and write the output technical design document to the filesystem (e.g.,
./tech-design.md). - Sanitization: There is no evidence of sanitization or filtering applied to the text extracted from the external files before it is processed by the agent.
Audit Metadata