kb-import
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill identifies and processes untrusted content from markdown files in the documentation directory to update the project's core configuration files.
  - Ingestion points: Local markdown files within the docs/kb/ directory are read and parsed to extract tags, topics, and loading scopes.
  - Boundary markers: There are no explicit markers used to separate the content being read from the agent's internal instructions.
  - Capability inventory: The skill is restricted to file system read and write operations on specific project files (CLAUDE.md, _index.md, _log.md). It lacks network access or the ability to execute arbitrary shell commands.
  - Sanitization: A robust human-in-the-loop mechanism is present in Step 4, requiring the user to verify and approve the extracted data (Topic, Path, Scope, Tags) before the configuration is updated.