doc-diagnostic

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious code, obfuscation, or persistence mechanisms were found. The skill is instructional and provides canonical documentation references.\n- [EXTERNAL_DOWNLOADS]: The skill references reputable external documentation sites and standards, including adr.github.io, keepachangelog.com, and Google SRE resources. These are well-known technology services and are used neutrally as authoritative references.\n- [COMMAND_EXECUTION]: References a local script plugins/doc-master/scripts/validate_adrs.py for canon validation. This is part of the expected tooling for documentation management and does not involve arbitrary command execution.\n- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted markdown data during its audit procedure.\n
  • Ingestion points: Local markdown files in directories such as docs/ and decisions/.\n
  • Boundary markers: None present for the ingestion of document content.\n
  • Capability inventory: The skill can suggest file moves, deletions, and rewrites, and references an external validation script.\n
  • Sanitization: The skill explicitly requires human sign-off for any destructive actions and forbids the auto-generation of critical doc owners or triggers.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 03:39 AM
Security Audit — agent-trust-hub — doc-diagnostic