Skills
skills/espennilsen/pi/node-docs/Gen Agent Trust Hub

node-docs

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes external documentation files and metadata, creating a surface for indirect prompt injection where malicious content within those files could influence agent behavior.
  • Ingestion points: Reads Markdown documentation from embedded-docs/ and structured data from exports/ (SKILL.md).
  • Boundary markers: Absent; the instructions do not define delimiters or provide warnings to ignore embedded instructions in the ingested data.
  • Capability inventory: Includes the ability to write to the file system, execute shell commands, and run Python scripts (SKILL.md).
  • Sanitization: None; the skill does not perform any validation or sanitization of the input content before processing.
  • [COMMAND_EXECUTION]: The skill uses shell commands and dynamic Python execution for file management and quality auditing tasks.
  • Shell commands: Uses find, rg (ripgrep), and wc for file discovery and counting.
  • Dynamic execution: Utilizes python3 -c to execute inline Python scripts that parse JSON files and validate content fields.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 02:13 PM