when-documenting-code-use-doc-generator
Warn
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The bash scripts (slash-command-doc-api.sh, slash-command-doc-inline.sh, slash-command-doc-readme.sh) utilize npx claude-flow@alpha to run hooks, which involves downloading and executing code from an external package registry at runtime.
- [REMOTE_CODE_EXECUTION]: Running npx with an unpinned tag (@alpha) for an external package allows for the execution of remote code that can be updated without the user's knowledge.
- [COMMAND_EXECUTION]: The skill executes shell commands (grep, find, jq) to parse project files. This provides a mechanism for malicious data to influence command execution if files are crafted to exploit these tools.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its analysis of untrusted codebase contents.
  - Ingestion points: Source files (.js, .ts, .py) and configuration files (package.json, pyproject.toml) in the project directory.
  - Boundary markers: None. The skill does not use delimiters to isolate untrusted data when generating documentation or comments.
  - Capability inventory: File system modification, shell command execution, and interaction with external framework components.
  - Sanitization: None. No validation is applied to data extracted from project files before use.
Audit Metadata