Knowledge Router
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No patterns of behavior override, safety filter bypass, or jailbreak attempts were found. The use of 'IMPORTANT' or routing markers is limited to intended logical classification.
- [Data Exposure & Exfiltration] (SAFE): There are no hardcoded credentials or references to sensitive file paths (~/.ssh, ~/.aws). All data referenced are public technical library IDs.
- [Obfuscation] (SAFE): The documentation is written in clear markdown without any Base64 encoding, hidden characters, or homoglyph-based evasion techniques.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No external package installations (npm, pip) or remote script executions (curl | bash) are present in the skill files.
- [Indirect Prompt Injection] (SAFE): While the skill analyzes user-provided strings to route queries, the capability surface is limited to read-only documentation lookups. Evidence Chain:
  1. Ingestion point: Query classification section
  2. Boundary markers: Absent
  3. Capability inventory: Documentation lookup tools only
  4. Sanitization: Not explicitly defined within the skill; it relies on the MCP tool layer
Audit Metadata