doc-tasks-fixer
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill implements logic to manage files and folders using Python's os, shutil, and pathlib modules, specifically for enforcing nested folder rules and updating relative links.
- [COMMAND_EXECUTION]: Utilizes shell-based checksum verification (sha256sum) to detect modifications in upstream documents (SPEC/TSPEC) and manage configuration drift.
- [COMMAND_EXECUTION]: Provides an option to execute the mypy static type checker on generated implementation contract code blocks to ensure type compliance.
- [PROMPT_INJECTION]: The skill ingests external review reports to drive its fix logic, establishing a surface for indirect prompt injection.
  - Ingestion points: Reads review and audit reports (TASKS-NN.R_review_report_vNNN.md, TASKS-NN.A_audit_report_vNNN.md).
  - Boundary markers: No explicit boundary markers or 'ignore' instructions are defined for the ingested data.
  - Capability inventory: File system write access, directory creation, file movement, and execution of local utilities (sha256sum, mypy).
  - Sanitization: No sanitization or content validation of the incoming review reports is described in the fix phases.
- [SAFE]: The documented behaviors and capabilities are consistent with the skill's stated purpose of automated quality assurance and documentation maintenance within a software development context.
Audit Metadata