wiki-query
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill includes robust security checks to prevent directory traversal or access to sensitive system areas. It explicitly forbids operations if the scope is set to a drive root or user home directory (SKILL.md, Step 2).
- [SAFE]: External references to the vanillaflava GitHub repository (github.com/vanillaflava/llm-wiki-skills) are legitimate vendor resources used for documentation and configuration templates.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection attack surface as it processes untrusted markdown content from the wiki pages to synthesize answers.
  - Ingestion points: The agent reads and processes markdown files from the wiki root (SKILL.md, Step 3).
  - Boundary markers: No specific boundary markers or instructions are provided to the agent to distinguish between valid data and potentially malicious embedded instructions in the wiki pages.
  - Capability inventory: The skill has filesystem write access to create new wiki pages and update the operation log (SKILL.md, Step 6).
  - Sanitization: The skill does not perform any automated sanitization or filtering of the content retrieved from the wiki pages.
Audit Metadata