kb-query

Pass

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: SAFE
DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill reads multiple markdown files from the docs/kb/ directory and CLAUDE.md to synthesize answers. While these are project documentation files, this constitutes a data access pattern that could be leveraged if combined with network operations, though no network activity is present in this skill.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the knowledge base files it processes.
    • Ingestion points: Reads content from any .md file within docs/kb/ and the CLAUDE.md catalog.
    • Boundary markers: Absent. There are no explicit instructions to the agent to ignore or delimit potentially malicious instructions contained within the KB files being synthesized.
    • Capability inventory: The skill has the ability to read files, create new markdown files in docs/kb/, and modify existing project files such as CLAUDE.md, _index.md, and _log.md.
    • Sanitization: Absent. The skill does not validate or sanitize the content retrieved from the KB files before using it in synthesis or writing it back to new files.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 25, 2026, 01:21 AM