docs-applies-to-tagging
Pass
Audited by Gen Agent Trust Hub on May 26, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches documentation syntax, guidelines, and key references from official vendor domains including elastic.github.io and elastic.co to ensure validation accuracy.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes content from external documentation files.
- Ingestion points: Discovers files using the Glob tool and ingests their content into the agent's context via the Read tool.
- Boundary markers: The instructions do not define specific delimiters or instructions to prevent the agent from obeying instructions potentially embedded within the documentation being processed.
- Capability inventory: The skill has access to file system tools for reading and writing (Read, Glob, Edit) and network access via WebFetch.
- Sanitization: There are no documented procedures for sanitizing or filtering file content for malicious prompts before processing.
Audit Metadata