write-docs-integration-guide
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the ingestion of external data via the 'Full-draft mode,' where the agent is directed to 'adapt' content from user-provided source URLs (such as vendor documentation, GitHub examples, or blog posts). This creates a surface for indirect prompt injection.
- Ingestion points: User-supplied source URLs specified in the drafting instructions.
- Boundary markers: The instructions lack explicit delimiting markers or specific warnings for the agent to ignore potentially malicious instructions embedded in the external content.
- Capability inventory: The skill has the capability to write and edit files (MDX and TypeScript) and execute shell commands (
pnpm build). - Sanitization: No explicit validation or sanitization of the ingested content is described before the agent processes and writes it to the repository.
- [COMMAND_EXECUTION]: The skill executes the shell command
pnpm buildvia the Bash tool as a final verification step. While this is a standard build operation for the project, it involves executing commands in a shell environment after the agent has modified the source code.
Audit Metadata