Skills
skills/liuzhengdongfortest/easysdd/easysdd-libdoc/Gen Agent Trust Hub

easysdd-libdoc

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires the execution of local Python utilities, specifically validate-yaml.py and search-yaml.py, to validate documentation structure and search metadata. These tools are invoked within the local project context and are not sourced from external URLs.
  • [PROMPT_INJECTION]: The skill processes untrusted source code to generate documentation, presenting an indirect prompt injection risk.
  • Ingestion points: Source code files targeted for documentation in Phase 1 and Phase 2.
  • Boundary markers: Absent. There are no instructions provided to the agent to treat source code content as untrusted or to ignore embedded instructions.
  • Capability inventory: File system read access (source code), file system write access (documentation output), and execution of local Python validation scripts.
  • Sanitization: The skill utilizes validate-yaml.py to ensure output matches the expected YAML schema, but does not implement filtering or sanitization of the actual documentation content extracted from the code.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 12:32 AM