cs-doc-tutorial
Pass
Audited by Gen Agent Trust Hub on Jul 1, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes a local Python script located at
.codestable/tools/search-yaml.py. This script is used to query metadata within the project's documentation directories (docs/devanddocs/user) to manage document versions and statuses. - [DATA_EXPOSURE]: The instructions direct the agent to read internal project files, such as
.codestable/attention.mdand various specification documents, to gather the necessary context for generating accurate manuals. This access is restricted to the local project environment and is essential for the skill's functionality. - [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it ingests untrusted data from project source code and external specification documents during the documentation drafting process.
- Ingestion points: Reads content from the
docs/directory, project source code, and internal specification documents (SKILL.md). - Boundary markers: The instructions do not specify any delimiters or safety markers to differentiate between documentation content and potential embedded instructions.
- Capability inventory: The agent can search the filesystem using a local script and write new markdown files to the
docs/directory. - Sanitization: No specific sanitization or validation logic is defined for the external content processed by the skill.
Audit Metadata