didit-kyc-onboarding
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
DATA_EXFILTRATION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [DATA_EXPOSURE]: The skill is designed to handle highly sensitive Personally Identifiable Information (PII), including full names, dates of birth, and identity document numbers (e.g., passport details) retrieved from the Didit verification service. While this is the intended purpose of the skill, it represents a significant data handling surface.
- [COMMAND_EXECUTION]: The skill includes a Python script (scripts/run_kyc.py) intended to be executed via the command line, which performs network operations and processes API responses.
- [EXTERNAL_DOWNLOADS]: The skill makes network requests to verification.didit.me and apx.didit.me. These are official endpoints managed by the author (didit-protocol) and are necessary for the skill's functionality.
- [INDIRECT_PROMPT_INJECTION]:
  - Ingestion points: The skill retrieves user-provided data (such as names and document strings) from the Didit API in scripts/run_kyc.py.
  - Boundary markers: The script does not implement delimiters or specific instructions to the agent to treat the retrieved identity data as untrusted content.
  - Capability inventory: The agent has the capability to execute the provided Python script and perform further network requests based on the verification results.
  - Sanitization: No sanitization or validation is performed on the data returned from the API before it is processed by the agent.