knowledge-agent

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE, NO_CODE
Full Analysis
  • [SAFE]: The skill instructions describe a workflow for managing knowledge using internal observation history. No network requests, file system access, or credential usage were detected.
  • [NO_CODE]: This skill is composed solely of markdown documentation and contains no scripts, binaries, or configuration files that execute code.
  • [PROMPT_INJECTION]: The skill acts as a Retrieval-Augmented Generation (RAG) system, which inherently possesses an indirect prompt injection surface.
      ◦ Ingestion points: Untrusted content may enter context from observations via build_corpus and prime_corpus workflows in SKILL.md.
      ◦ Boundary markers: The skill does not implement delimiters to isolate retrieved knowledge.
      ◦ Capability inventory: Capabilities are restricted to retrieval and Q&A; no shell commands or network operations are present.
      ◦ Sanitization: No validation or filtering is performed on observation content.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 9, 2026, 12:53 AM