kuroco-content-management
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or sensitive local file access detected. API interactions use relative paths and standard authentication patterns (credentials: 'include').
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external package dependencies or remote script execution patterns were found in the skill files.
- [Indirect Prompt Injection] (LOW):
- Ingestion points: Content is retrieved from the Kuroco CMS API (e.g., 'subject', 'contents') in files SKILL.md and references/filter-query.md.
- Boundary markers: No delimiters or instructions to ignore embedded commands are present in the provided templates.
- Capability inventory: The skill defines patterns for creating, updating, and deleting content via the CMS API.
- Sanitization: The code snippets demonstrate direct interpolation of search keywords into filter strings without explicit sanitization, which is a common pattern for this API but represents a potential injection surface if the agent handles malicious CMS content.
Audit Metadata