kb-compile
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The agent is instructed to run the local script `../obsidian-notes-karpathy/scripts/scan_compile_delta.py` to detect changes in the knowledge base. This is part of the skill's functional logic for managing document deltas.
- [PROMPT_INJECTION]: The skill processes untrusted content from markdown files and PDFs, creating an indirect prompt injection surface.
  1. Ingestion points: raw data folders (`raw/human/**`, `raw/agents/**`, `raw/*.md`).
  2. Boundary markers: None specified in the instructions for content processing.
  3. Capability inventory: Local script execution and file system writes to the `wiki/drafts/` directory.
  4. Sanitization: No sanitization or content validation is mentioned.
- [SAFE]: All file operations and script executions are targeted at local or sibling directories within the user's workspace, matching the skill's primary purpose of knowledge management and indexing.
Audit Metadata