kairos-refine-search
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill ingests user queries to refine search parameters, which represents an indirect prompt injection surface. Evidence: 1. Ingestion points: The user's original message is analyzed in Step 1 of the references/KAIROS.md protocol. 2. Boundary markers: No explicit delimiters or ignore-instructions are used to wrap the ingested user data. 3. Capability inventory: The skill utilizes tools such as kairos_search, kairos_begin, kairos_next, and kairos_attest. 4. Sanitization: No sanitization or input validation logic is present in the skill or the referenced protocol.
Audit Metadata