doc-ptest-autopilot

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a potential surface for indirect prompt injection because it processes untrusted data from external documentation to generate new artifacts.
      • Ingestion points: Reads content from various document types including SYS-NN, SPEC-NN, and IPLAN-NNN files.
      • Boundary markers: There are no explicit instructions or delimiters defined to prevent the AI from following malicious instructions that might be embedded within the source documents.
      • Capability inventory: The skill is capable of writing audit, fix, and review reports to the filesystem and executing a specific Python script (validate_ptest.py).
      • Sanitization: The instructions lack defined procedures for sanitizing or validating the input data before it is incorporated into the agent's context.
  • [COMMAND_EXECUTION]: The skill is designed to execute a local validation script (ai_dev_ssd_flow/10_TSPEC/scripts/validate_ptest.py) and orchestrate other automation skills (doc-ptest-audit, doc-ptest-fixer). These actions are performed within the local project environment.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 7, 2026, 04:25 AM