cs-doc-tutorial

Pass

Audited by Gen Agent Trust Hub on Jul 1, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes a local Python script located at .codestable/tools/search-yaml.py. This script is used to query metadata within the project's documentation directories (docs/dev and docs/user) to manage document versions and statuses.
  • [DATA_EXPOSURE]: The instructions direct the agent to read internal project files, such as .codestable/attention.md and various specification documents, to gather the necessary context for generating accurate manuals. This access is restricted to the local project environment and is essential for the skill's functionality.
  • [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it ingests untrusted data from project source code and external specification documents during the documentation drafting process.
  • Ingestion points: Reads content from the docs/ directory, project source code, and internal specification documents (SKILL.md).
  • Boundary markers: The instructions do not specify any delimiters or safety markers to differentiate between documentation content and potential embedded instructions.
  • Capability inventory: The agent can search the filesystem using a local script and write new markdown files to the docs/ directory.
  • Sanitization: No specific sanitization or validation logic is defined for the external content processed by the skill.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 1, 2026, 12:35 AM
Security Audit — agent-trust-hub — cs-doc-tutorial