knowledge-base
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The script
scripts/knowledge-base-cliinitiates the execution of local prebuilt binaries or Go code to facilitate knowledge base queries and indexing. - [PROMPT_INJECTION]: The skill facilitates searching and displaying content from markdown files, which represents an indirect prompt injection surface if those files contain malicious instructions.
- Ingestion points: Markdown files (.md) included in the configured search corpus.
- Boundary markers: There are no boundary markers or instructions to ignore embedded commands in the output scripts.
- Capability inventory: The agent can execute the knowledge-base CLI to search and read local project files.
- Sanitization: The provided shell scripts do not perform any sanitization or filtering on the file content before it is presented to the agent.
- [REMOTE_CODE_EXECUTION]: The setup instructions include a step to install the skill using
npx, which involves downloading and executing the skill package from a remote registry.
Audit Metadata