knowledge-base-navigator
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected in the skill's instructions or scripts. The workflow is designed for efficient and secure information retrieval within a local repository context.
- [COMMAND_EXECUTION]: The skill includes a helper script
scripts/build_kb_index.pyused to generate a machine-readable index of the repository. This script is implemented safely usingpathlibfor file operations andyaml.safe_load()for frontmatter parsing, preventing arbitrary code execution. - [PROMPT_INJECTION]: The skill involves reading and processing repository files, which constitutes a surface for indirect prompt injection (Category 8). However, this is inherent to the skill's purpose and mitigated by restricted capabilities.
- Ingestion points: Markdown files in PARA-structured directories.
- Boundary markers: None explicitly defined in instructions.
- Capability inventory: Local file reads.
- Sanitization: None. Given the agent has no network or shell execution capabilities, this surface poses no significant threat.
Audit Metadata