Skills
skills/morzecrew/forze/forze-documents-search/Gen Agent Trust Hub

forze-documents-search

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security vulnerabilities were detected in the skill instructions or code snippets. The content is purely technical documentation for a data access kernel.
  • [PROMPT_INJECTION]: The skill defines interfaces for processing queries (query, filters). While this constitutes a surface for indirect prompt injection if processing untrusted data, the design mitigates this by enforcing a structured JSON DSL rather than raw query strings.
  • [INDIRECT_PROMPT_INJECTION_SURFACE]: 1. Ingestion points: query and filters fields in SearchQueryPort and DocumentQueryPort (SKILL.md). 2. Boundary markers: Not specified in the provided documentation examples. 3. Capability inventory: Database read and write operations via DocumentQueryPort and DocumentCommandPort. 4. Sanitization: The architecture mandates a structured JSON DSL, providing a robust layer of protection against raw injection attacks.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 11:10 PM
Security Audit — agent-trust-hub — forze-documents-search