outline
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill communicates with the Outline Wiki API to manage document content. By default, it connects to the official service at https://app.getoutline.com/api, which is a well-known service. \n- [COMMAND_EXECUTION]: The script scripts/outline.py allows the agent to execute wiki operations and write document content to the local filesystem using the --output parameter in the export command. \n- [INDIRECT_PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by processing external document content. \n
- Ingestion points: Document text is ingested via search and read operations in scripts/outline.py. \n
- Boundary markers: There are no explicit delimiters used to isolate external content from the agent's instructions. \n
- Capability inventory: The skill can modify wiki content (create/update) and write files to the local disk (export). \n
- Sanitization: External wiki content is processed without validation or sanitization.
Audit Metadata