local-knowledge
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill leverages a local binary
terraphim-agentto perform searches. This is the intended behavior of the tool and is executed within the developer's environment. - [PROMPT_INJECTION] (LOW): The skill has a surface for indirect prompt injection because it processes untrusted data from local notes and external sources.
- Ingestion points: Markdown files in user-defined directories (e.g.,
~/notes/rust/) and external services like GrepApp. - Boundary markers: None explicitly defined in the interpreted output to distinguish search results from system instructions.
- Capability inventory: The agent can execute commands and search across the local filesystem via the terraphim-agent binary.
- Sanitization: No specific sanitization or escaping of the search result content is described in the skill instructions.
Audit Metadata