wiki-query
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's operations are confined to the local filesystem, specifically interacting with files like
AGENTS.md,wiki/index.md, and markdown files within thewiki/andraw/directories. This behavior is consistent with its stated purpose of wiki management. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests and processes untrusted markdown content from the repository. It explicitly designates the local
AGENTS.mdfile as the 'source of truth', which could be exploited if an attacker provides a malicious repository. - Ingestion points:
AGENTS.md,wiki/index.md, and other files under thewiki/directory. - Boundary markers: Absent; the skill does not specify the use of delimiters or instructions to ignore embedded commands within the wiki content.
- Capability inventory: The skill utilizes file read and write operations within the local workspace.
- Sanitization: Absent; there is no evidence of validation or filtering for the content read from the wiki files.
Audit Metadata