Skills
skills/vanillaflava/llm-wiki-claude-skills/wiki-query/Gen Agent Trust Hub

wiki-query

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes external content from a user's markdown wiki to synthesize answers.
  • Ingestion points: The agent reads index.md, Overview.md, and any user-created markdown files identified within the designated wiki root (referenced in SKILL.md).
  • Boundary markers: The skill instructions do not specify the use of delimiters or provide instructions to the model to ignore embedded commands within the ingested files.
  • Capability inventory: The skill is restricted to filesystem read and write operations on markdown files; it does not have the capability to execute shell commands or initiate network requests.
  • Sanitization: There is no evidence of sanitization or validation logic for the content read from the markdown files.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 08:08 AM