dbs-content
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides an instructional framework for an AI persona. It does not contain any executable scripts, network requests to untrusted domains, or attempts to access sensitive system files.
- [INDIRECT_PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it is designed to ingest and analyze user-provided content (drafts and topics).
- Ingestion points: User input enters the context in Phase 1 (
SKILL.md) when the user provides topics or draft copy for diagnosis. - Boundary markers: The instructions do not define specific delimiters or instructions for the agent to ignore embedded commands within the user's content.
- Capability inventory: The skill has no dangerous capabilities; it is limited to generating text-based diagnostic reports and recommending internal skill triggers (e.g.,
/dbs-benchmark). No subprocess calls, file writes, or network operations are present. - Sanitization: There is no explicit sanitization or filtering of the user-provided content before it is processed for diagnosis.
- [REMOTE_CODE_EXECUTION]: No remote code execution patterns were detected. The skill references an internal knowledge base (
dbskill/知识库/), which is standard for document-retrieval tasks.
Audit Metadata