assess-docs-links
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted content from documentation roots and a specification file (
../../specs/artifact-contract.md) to build a link graph. This creates a surface for indirect prompt injection where instructions hidden within documentation could potentially affect the agent's logic during processing. - Ingestion points: Documentation files (Markdown/Wiki) and project specification files.
- Boundary markers: The instructions lack explicit boundary markers or directions for the agent to ignore instructions embedded in the data.
- Capability inventory: The skill is restricted to file system read and write operations; it does not have network access or the ability to execute shell commands.
- Sanitization: No sanitization or validation of the ingested content is specified.
Audit Metadata