kapso-ops
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Command Execution] (SAFE): The skill triggers local Node.js scripts (e.g.,
scripts/create.js,scripts/messages.js) to perform its tasks. These scripts are internal to the skill package and do not involve suspicious remote downloads or piped command execution. - [Indirect Prompt Injection] (SAFE): The skill's primary function involves reading external data such as message details and API logs. While this presents an inherent surface for indirect prompt injection, it is the intended primary purpose of the skill.
- Ingestion points:
scripts/messages.js,scripts/message-details.js, andscripts/api-logs.js(reading external message and log data). - Boundary markers: None explicitly defined in the documentation; the agent should treat external content as data rather than instructions.
- Capability inventory: Webhook management (create, update, delete) and message lookup capabilities.
- Sanitization: Not explicitly defined in the markdown, assuming the underlying scripts handle parameterization of API calls.
- [Data Exposure] (SAFE): The skill correctly uses environment variables (
KAPSO_API_KEY) for credentials instead of hardcoding secrets, which is a recommended security practice.
Audit Metadata