Skills
skills/existential-birds/beagle/ensure-docs/Gen Agent Trust Hub

ensure-docs

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted code from the local directory and uses sub-agents with write permissions to process it.
  • Ingestion points: In Phase 4 (Interactive Generation), the sub-agents read function/class/type implementations from the codebase to understand their behavior.
  • Boundary markers: The instructions for sub-agents lack explicit boundary markers or directions to ignore natural language instructions found within the code comments or string literals.
  • Capability inventory: The generation agents are explicitly instructed to use the Edit tool to apply changes to the codebase.
  • Sanitization: No sanitization or validation of the ingested code content is performed before it is processed by the LLM sub-agents.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes npx eslint for verification in Phase 5. If the required ESLint packages or plugins (e.g., eslint-plugin-jsdoc) are not present in the local environment, npx may attempt to download them from the npm registry at runtime.
  • [COMMAND_EXECUTION]: The skill executes several shell commands for environment discovery and linting, including find, grep, ruff, and staticcheck. These commands are standard for the skill's intended purpose of analyzing and verifying a codebase.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 12:41 PM