fetch-meta-from-kb

Warn

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: MEDIUM
Findings: CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The script scripts/fetch_meta_from_kb.py accesses sensitive database credentials through environment variables and local files. Evidence: The _load_dotenv_if_exists function searches for and reads .env files in the filesystem, and the _get_db_config function retrieves KB_DB_PASSWORD from the environment.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by retrieving unsanitized text from a database for consumption by an AI agent. Ingestion points: The journals database table fields title and abstract. Boundary markers: No delimiters or ignore instructions are used in the output JSON. Capability inventory: The skill performs local file writes. Sanitization: No validation or escaping of the fetched database strings is implemented.
Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 10, 2026, 03:55 AM