Skills
skills/kynetic-ai/kynetic-spec/kspec-triage-inbox/Gen Agent Trust Hub

kspec-triage-inbox

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes untrusted data from inbox items and observations.
  • Ingestion points: Data enters the agent context via kspec inbox list and kspec meta observations (SKILL.md).
  • Boundary markers: Absent; there are no explicit delimiters or instructions to ignore embedded commands in the processed items.
  • Capability inventory: The skill can execute actions like promote, delete, and spec-gap, and modify records using kspec item set or kspec triage act (SKILL.md).
  • Sanitization: Absent; the skill does not specify any validation or filtering of external content before processing.
  • [COMMAND_EXECUTION]: The skill relies on the vendor-provided kspec CLI for all operations. This includes the kspec batch command, which accepts a JSON array of commands and arguments to perform atomic operations, representing a capability for structured dynamic command execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 02:51 PM