search-docs

Fail

Audited by Gen Agent Trust Hub on Jul 5, 2026

Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [PRIVILEGE_ESCALATION]: The skill instructions mandate the use of mode: "bypassPermissions" when invoking the documentation search subagent. This is an explicit attempt to override security constraints and access controls within the agent's environment.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external input via the $ARGUMENTS variable and interpolates it directly into a subagent prompt without validation or delimiters.
  • Ingestion points: $ARGUMENTS variable in SKILL.md.
  • Boundary markers: Absent. There are no markers to delineate user input from system instructions.
  • Capability inventory: Subagent task execution with administrative/bypass permission levels.
  • Sanitization: Absent. User-supplied search topics are passed to the subagent raw.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Jul 5, 2026, 08:16 PM
Security Audit — agent-trust-hub — search-docs