Alex Global Knowledge Skill
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: A thorough review of the SKILL.md and synapses.json files confirms the absence of malicious instructions, prompt injection patterns, or suspicious command execution.
- [DATA_EXPOSURE]: The skill utilizes a local directory (~/.alex/) to store domain knowledge and project insights. This local storage is consistent with the skill's purpose and does not involve sending sensitive data to unknown external endpoints. References to Copilot Memory involve the trusted GitHub Cloud service.
- [PROMPT_INJECTION]: The skill is designed to process knowledge from various projects. Although this constitutes an ingestion surface for Indirect Prompt Injection if the data being read contains malicious instructions, the skill does not possess the capabilities (such as shell execution or file writing) to be exploited by such content.
Audit Metadata