ontology
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's Python utility, scripts/ontology.py, implements a resolve_safe_path function that validates all file access against the workspace root. This mechanism effectively prevents path traversal attacks by ensuring that the agent cannot read or write files outside of its intended scope.
- [SAFE]: The skill enforces secure handling of sensitive data. Both the documentation and the validation logic within the script explicitly forbid the direct storage of passwords, tokens, or API keys, instead requiring the use of indirection via secret references to external secure storage.
- [SAFE]: All data parsing is performed using secure methods. The skill utilizes json.loads for processing graph records and yaml.safe_load for schema definitions, which mitigates the risk of unsafe deserialization or remote code execution via malformed configuration files.
- [SAFE]: The skill operates entirely within the local workspace and does not perform any external network requests or remote script downloads. No evidence of prompt injection, persistence mechanisms, or privilege escalation was found in the provided files.
Audit Metadata