manage-docs
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill performs an update check by fetching a version manifest from the author's GitHub repository (https://raw.githubusercontent.com/dev-goraebap/agent-collab/main/manifest.json). This is a standard version check mechanism.
- [COMMAND_EXECUTION]: The skill instructs the agent to perform file system operations such as creating directories, moving files, and writing to index files. It also checks for the presence of a Git repository and external CLI tools.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface: The skill ingests and processes metadata from potentially untrusted project documentation files and external platform pages to maintain repository index files. * Ingestion points: Local spec files (PRDs, ERDs, etc.) and external platform content (Notion, Linear, Confluence, etc.). * Boundary markers: No explicit markers are used when interpolating document names or IDs into AGENTS.md or INDEX.md. * Capability inventory: File system write access (INDEX.md, AGENTS.md), file system read access, and network requests for version checks and platform integrations. * Sanitization: Not explicitly implemented for the data extracted from external document metadata.
Audit Metadata