knowledge-fetcher

Fail

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: HIGH (DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [DATA_EXFILTRATION]: Path traversal vulnerability in src/index.ts. The type argument is concatenated to the base path using path.join without sanitization, allowing navigation to sensitive directories outside the intended knowledge base via .. sequences. Evidence: targetDir = path.join(KNOWLEDGE_BASE, argv.type as string).
  • [DATA_EXFILTRATION]: Exposure of sensitive information. The skill is intentionally designed to search for and return contents from directories defined in SKILL.md as containing confidential company and personal secrets.
  • [PROMPT_INJECTION]: Vulnerability to indirect prompt injection.
      1. Ingestion points: src/lib.ts reads data from files in the filesystem.
      2. Boundary markers: The skill does not implement delimiters or 'ignore' instructions for the ingested content.
      3. Capability inventory: The skill returns full file content to the agent context via runSkill in src/index.ts.
      4. Sanitization: No validation or escaping is applied to the ingested content before it is processed by the agent.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 3, 2026, 06:39 PM