keriox
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill consists entirely of technical documentation and API references. No security issues were identified.\n- [NO_CODE]: This skill provides reference material only and does not include any executable scripts, binaries, or active configuration files that could pose a direct security risk.\n- [PROMPT_INJECTION]: Although the skill is documentation-only, it describes an architecture for processing external data streams, which is a potential indirect injection surface if implemented by an agent.\n
- Ingestion points: Protocol message parsing functions (e.g.,
parse_event_stream) and network listeners described inapi.mdandcomponents.md.\n - Boundary markers: Relies on KERI protocol structures (CESR/JSON) rather than AI-specific delimiters.\n
- Capability inventory: Describes network operations (
reqwest,actix-web) and file storage (redb,sqlite).\n - Sanitization: Documentation specifies signature verification and event semantics validation as core security measures.
Audit Metadata