doc-tspec-fixer
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands to maintain document integrity. Specifically, it executes
sha256sumto compute and verify hashes of upstream specification files during drift detection and auto-merging phases. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) due to its core workflow of processing external documentation. Maliciously crafted review reports or upstream specifications could contain instructions designed to manipulate the agent's file system actions.
- Ingestion points: Reads review/audit reports (
TSPEC-NN.A_audit_report_vNNN.md) and upstream SPEC documents to determine necessary fixes. - Boundary markers: No specific delimiters or "ignore instructions" warnings are defined for the content parsed from these external files.
- Capability inventory: The skill has significant file system capabilities including moving files (
shutil.move), creating directories (os.makedirs), and writing/modifying file content (Path.write_text). - Sanitization: There is no mention of sanitization, escaping, or validation of the natural language content or paths extracted from the input documents before they are used in file operations or prompt construction.
Audit Metadata