Skills
skills/olafgeibig/skills/md-wiki/Gen Agent Trust Hub

md-wiki

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from URLs and external documents during the ingest operation, which could contain instructions intended to influence agent behavior during summarization or cross-referencing.
  • Ingestion points: Uses the web_extract tool to fetch external content from URLs and save it to the raw/ directory (described in SKILL.md).
  • Boundary markers: The instructions do not specify any delimiters or safety warnings to wrap external content when the agent processes it for wiki updates.
  • Capability inventory: The skill utilizes read_file, write_file, search_files, and patch tools for file management, and executes a local Python script for auditing.
  • Sanitization: There is no evidence of sanitization or filtering of the ingested content before the agent analyzes and incorporates it into wiki pages.
  • [COMMAND_EXECUTION]: The skill executes a local Python script to perform maintenance tasks such as finding broken links and orphaned pages.
  • Evidence: SKILL.md contains instructions to execute python3 ~/.hermes/skills/md-wiki/scripts/lint_wiki.py with path arguments.
  • Context: The script scripts/lint_wiki.py uses standard libraries (os, re, argparse) and only performs file system operations within the specified wiki directory.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 06:15 AM