doc-tspec-reviewer
Warn
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions explicitly mandate the execution of bash commands for hash calculation and drift detection logic.
- Evidence: Section 9 'Hash Calculation' commands the agent to execute
sha256sum <file_path> | cut -d' ' -f1andyq '.<section_name>' <file_path> | sha256sum | cut -d' ' -f1. - Evidence: Direct instruction 'CRITICAL: Execute actual bash commands. DO NOT write placeholder values.' forces the agent into a shell execution context.
- [COMMAND_EXECUTION]: Potential for command injection if file paths or section names extracted from TSPEC documents are not sanitized before being passed to shell utilities like
yqorsha256sum. - [DATA_EXFILTRATION]: The skill performs local file reads and writes (creating reports and a
.drift_cache.jsonfile) but does not contain instructions for external network communication. - [PROMPT_INJECTION]: The skill processes untrusted external documents (TSPEC and SPEC files) that are used as inputs for review logic and hash calculation, creating a surface for indirect prompt injection.
- Ingestion points: TSPEC markdown files in
docs/10_TSPEC/and SPEC yaml files indocs/09_SPEC/. - Boundary markers: None specified in the instructions.
- Capability inventory: Shell command execution (
sha256sum,yq,grep,cut), file write access for reports and cache files. - Sanitization: No evidence of validation or sanitization of document content before processing or shell interpolation.
Audit Metadata