kb-discover
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's instructions and logic were thoroughly analyzed, and no malicious patterns, obfuscation, or unauthorized access attempts were detected. The skill is designed to operate locally on the codebase.
- [CREDENTIALS_UNSAFE]: The skill includes explicit quality rules to ensure that secrets, tokens, and passwords discovered during code analysis are not captured in the Knowledge Base articles, preserving the security of sensitive information.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it ingests untrusted source code. 1. Ingestion points: Reads files within the user-specified scope (e.g., src/). 2. Boundary markers: Output is distilled into markdown Knowledge Base articles. 3. Capability inventory: Uses Glob, ReadFile, and WriteFile tools. 4. Sanitization: Risk is mitigated by mandatory user review and approval of the complete drafted KB article before writing to disk.
Audit Metadata