docs-validate-code-samples

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: Step 1 resolves file targets by executing bash -O globstar -c 'printf "%s\n" <glob>' where the glob pattern is derived from user-supplied arguments. This pattern presents a potential command injection surface if the input contains shell metacharacters like semicolons or backticks.
  • [COMMAND_EXECUTION]: The skill utilizes shell-based tools including jq and perl to process and validate content extracted from markdown files. Maliciously crafted documentation files could attempt to exploit these processing steps, although the skill instructions include logic to strip common markers and placeholders before parsing.
  • [EXTERNAL_DOWNLOADS]: The skill fetches reference material and validates API endpoints using vendor-specific MCP tools (mcp__elastic-docs__search_docs and mcp__elastic-docs__get_document_by_url) to access documentation from official Elastic sources.
  • [PROMPT_INJECTION]: The skill processes untrusted markdown content that enters the agent's context through file reads.
  • Ingestion points: Target .md files and user-provided path arguments.
  • Boundary markers: The agent is instructed to ignore content inside HTML comments and specific MyST directives, though no rigorous sanitization of code block content is defined before shell processing.
  • Capability inventory: Access to Bash, Read, Write, Grep, and network-capable MCP tools.
  • Sanitization: The skill performs pre-processing (stripping callouts and template variables) before JSON validation, which serves as a basic form of data normalization.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 07:00 AM
Security Audit — agent-trust-hub — docs-validate-code-samples