Knowledge Base Search
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- No Code (SAFE): The skill consists purely of YAML configuration and Markdown documentation. It does not include any Python scripts, Node.js code, or shell commands.
- Indirect Prompt Injection (SAFE): The skill defines a surface for ingesting external data from the knowledge base. Evidence: 1. Ingestion points:
kb_searchandkb_list_documentstools inSKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: No dangerous tools (shell, file-write, network) are present. 4. Sanitization: Absent. The lack of powerful capabilities and the nature of the tool as a search-only interface make this surface low risk.
Audit Metadata