Skills
skills/vladm3105/aidoc-flow-framework/doc-brd-autopilot/Gen Agent Trust Hub

doc-brd-autopilot

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONREMOTE_CODE_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes content from external sources to generate documents.
  • Ingestion points: Reference documents (docs/00_REF/), user prompts (--prompt), and implementation plans (--iplan).
  • Boundary markers: There are no explicit instructions or delimiters defined to prevent the agent from following instructions embedded within the ingested data.
  • Capability inventory: The agent can write files, execute local shell scripts, and run system commands.
  • Sanitization: While it includes an audit cycle, there is no specific filtering for malicious natural language instructions.
  • [COMMAND_EXECUTION]: The skill utilizes several standard shell utilities to process files and metadata. Evidence includes the use of grep, ls, tr, cut, and sha256sum within described bash snippets for ID reservation and hash computation.
  • [REMOTE_CODE_EXECUTION]: The skill instructs the agent to execute a local validation script. Evidence: The execution of bash ai_dev_ssd_flow/01_BRD/scripts/validate_brd_wrapper.sh during the audit phase.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 11:59 AM
Security Audit — agent-trust-hub — doc-brd-autopilot