kairos
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by retrieving and acting upon external protocol data through the
kairos_searchtool. \n - Ingestion points: User queries following trigger commands and protocol data fetched via
kairos_search(SKILL.md). \n - Boundary markers: The skill does not define explicit delimiters or instructions to ignore commands embedded within the retrieved protocols. \n
- Capability inventory: The skill utilizes the
kairos_search,kairos_begin,kairos_next, andkairos_attesttools (SKILL.md). \n - Sanitization: No sanitization or validation of the protocol content is described in the prompt.
Audit Metadata