wiki-query

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's operations are confined to the local filesystem, specifically interacting with files like AGENTS.md, wiki/index.md, and markdown files within the wiki/ and raw/ directories. This behavior is consistent with its stated purpose of wiki management.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests and processes untrusted markdown content from the repository. It explicitly designates the local AGENTS.md file as the 'source of truth', which could be exploited if an attacker provides a malicious repository.
  • Ingestion points: AGENTS.md, wiki/index.md, and other files under the wiki/ directory.
  • Boundary markers: Absent; the skill does not specify the use of delimiters or instructions to ignore embedded commands within the wiki content.
  • Capability inventory: The skill utilizes file read and write operations within the local workspace.
  • Sanitization: Absent; there is no evidence of validation or filtering for the content read from the wiki files.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 11:08 PM
Security Audit — agent-trust-hub — wiki-query