write-docs-integration-guide

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill facilitates the ingestion of external data via the 'Full-draft mode,' where the agent is directed to 'adapt' content from user-provided source URLs (such as vendor documentation, GitHub examples, or blog posts). This creates a surface for indirect prompt injection.
  • Ingestion points: User-supplied source URLs specified in the drafting instructions.
  • Boundary markers: The instructions lack explicit delimiting markers or specific warnings for the agent to ignore potentially malicious instructions embedded in the external content.
  • Capability inventory: The skill has the capability to write and edit files (MDX and TypeScript) and execute shell commands (pnpm build).
  • Sanitization: No explicit validation or sanitization of the ingested content is described before the agent processes and writes it to the repository.
  • [COMMAND_EXECUTION]: The skill executes the shell command pnpm build via the Bash tool as a final verification step. While this is a standard build operation for the project, it involves executing commands in a shell environment after the agent has modified the source code.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 01:53 AM
Security Audit — agent-trust-hub — write-docs-integration-guide