project-knowledge-base

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
  • Safe Behavior (SAFE): The provided script generate_index.py performs local indexing of Markdown and JSON files without any network access or high-risk command execution.
  • Indirect Prompt Injection Surface (LOW): The script ingests metadata from user-controlled files and interpolates it into a README.md file, creating a surface where malicious local content could influence an agent.
      • Ingestion points: generate_index.py (lines 42, 107, 126) reads from local .md and .json files.
      • Boundary markers: None; content is directly inserted into the README without delimiters.
      • Capability inventory: Restricted to local file I/O; no subprocess, eval, or network calls identified.
      • Sanitization: Metadata strings are not escaped or sanitized before being written to the output file.
  • Missing Files (INFO): Documentation references init_project_kb.py and extract_patterns.py which are not included in the provided files.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 20, 2026, 08:50 PM