konecty-meta-document
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFECREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The script 'scripts/meta_document.py' reads authentication and host configuration from local user files to retrieve API access tokens.\n
- Evidence: Accesses '
/.konecty/credentials' and '/.konecty/.env' to load 'KONECTY_TOKEN' and 'KONECTY_URL'.\n- [EXTERNAL_DOWNLOADS]: The skill communicates with external API endpoints to manage document metadata using the standard library.\n - Evidence: Performs GET and PUT requests to the configured Konecty server using 'urllib.request' for schema management endpoints under '/api/admin/meta'.\n- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface through its metadata retrieval functions.\n
- Ingestion points: Fetches document schemas (including field labels and descriptions) from the remote server via the 'show' and 'fields' commands.\n
- Boundary markers: Lacks explicit delimiters or 'ignore' instructions when displaying retrieved metadata to the agent context.\n
- Capability inventory: Possesses administrative capabilities to modify document definitions, fields, and events on the server.\n
- Sanitization: Metadata retrieved from the server is not filtered or escaped before being output to the console.
Audit Metadata