find-docs
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands (
ctx7 library,ctx7 docs) to resolve technical library identifiers and fetch documentation content. This is the core functional mechanism of the skill. - [EXTERNAL_DOWNLOADS]: The instructions suggest installing or running the
ctx7package from the npm registry usingnpm install -g ctx7@latestornpx ctx7@latest. This is a legitimate tool provided by the author ('code-sherpas') and follows standard developer workflows. - [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface (Category 8) because it retrieves technical documentation and code examples from external sources to be processed by the agent. If the external documentation source were to contain malicious instructions, they could potentially influence the agent's behavior.
- Ingestion points: Technical documentation and info snippets returned by the
ctx7 docscommand. - Boundary markers: None explicitly defined to separate documentation content from agent instructions.
- Capability inventory: The agent uses retrieved data to answer technical questions and generate code snippets for the user.
- Sanitization: No explicit sanitization or validation of the fetched documentation content is mentioned in the skill instructions.
Audit Metadata