kairos-lite
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: Comprehensive analysis of the skill's instructions and scripts reveals no malicious patterns, exfiltration attempts, or unauthorized command execution.
- [COMMAND_EXECUTION]: The utility script
scripts/job_spec.pyis used to create JSON-formatted job specifications. It is benign, using standard Python libraries to handle user inputs without any file system or network side effects. - [PROMPT_INJECTION]: The skill includes a template (
references/prompt-template.md) that processes external data, creating an indirect prompt injection surface. This is evaluated as safe due to the included operational constraints: - Ingestion points: External workspace data is ingested via the
<context>placeholder inreferences/prompt-template.md. - Boundary markers: The template uses structural delimiters (e.g.,
<context>) to separate untrusted data from instructions. - Capability inventory: The skill provides a job specification generator (
scripts/job_spec.py) but does not include tools for arbitrary code execution or network operations. - Sanitization: No explicit sanitization or filtering of the interpolated context is performed within the provided skill files.
Audit Metadata