doc-stest-validator

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires the execution of multiple local scripts for its core functionality. These include Python and Bash scripts such as validate_stest.py and validate_all_tspec.sh located within the ai_dev_ssd_flow project directory. While these are purposeful for validation, they represent the execution of local code based on documentation instructions.
  • [PROMPT_INJECTION]: The skill demonstrates a surface for indirect prompt injection by processing untrusted data from document files.
      • Ingestion points: The agent reads Markdown files from docs/10_TSPEC/STEST/ for validation.
      • Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard potential AI-targeted instructions within the STEST documents.
      • Capability inventory: The skill can execute subprocesses via validation scripts and has file-writing capabilities through the --auto-fix flag used with validate_cross_document.py.
      • Sanitization: No evidence of content sanitization or filtering of the input documents was found in the skill definition.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 7, 2026, 04:25 AM