Skills
skills/debian777/kairos-mcp/kairos-bundle/Gen Agent Trust Hub

kairos-bundle

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/kairos-bundle.py uses subprocess.run to manage its own execution environment. It invokes pip to install dependencies and re-executes itself within a created virtual environment.
  • [EXTERNAL_DOWNLOADS]: The skill performs network requests to the KAIROS API using the urllib.request module to synchronize protocols. It also connects to the official Python Package Index (PyPI) when setting up its virtual environment.
  • [DATA_EXFILTRATION]: The tool is designed to transfer protocol data between the local filesystem and a KAIROS API. This data movement is the intended primary function of the skill and is controlled via user-provided environment variables and command-line arguments.
  • [SAFE]: Authentication is handled through the KAIROS_TOKEN environment variable, which is a secure practice for managing secrets in this context. No hardcoded credentials or obfuscated code patterns were detected.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 22, 2026, 10:37 AM