draft-docs

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
Tags: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill constructs shell commands using variables derived from user-provided inputs.
      • Evidence: Commands such as mkdir -p docs/drafts, mv docs/drafts/{slug}.md {destination}/{slug}.md, and ls -la docs/drafts/{slug}.md use placeholders like {slug} and {destination}. These are populated based on the "Topic prompt" and user selection, which could lead to path traversal or command injection if the input contains malicious shell metacharacters.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the analysis of untrusted codebase content.
      • Ingestion points: The skill ingests content from the local codebase and git diff output in SKILL.md (Step 0 and Step 3).
      • Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard instructions embedded within the source code being analyzed.
      • Capability inventory: The skill possesses file system access (read/write/move) and shell execution capabilities (git, mkdir, mv).
      • Sanitization: No sanitization or validation of the ingested code content or the generated slug is specified before being used in commands or prompts.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 03:32 AM