wiki-code
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses bash to execute qmd and git. These are used for searching and tracking changes within the local repository. The allowed-tools metadata restricts execution to these specific commands, preventing broader shell access.
- [PROMPT_INJECTION]: The skill ingests data from local project files to generate wiki content, creating an indirect prompt injection surface. Evidence: Ingestion points include qmd get on project files; boundary markers are absent; capabilities include file writing and restricted bash; sanitization is not specified. This is assessed as safe behavior for a documentation management skill.