kb-builder
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands to interact with the system environment and the TinyFish CLI tool. Examples include environment checks like 'which tinyfish', 'tinyfish --version', and 'tinyfish auth status', as well as the 'tinyfish agent run' command for core functionality.
- [EXTERNAL_DOWNLOADS]: The skill directs the agent to install the '@tiny-fish/cli' package via npm. This package is a required dependency provided by the vendor 'tinyfish-io'.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes and synthesizes data retrieved from the public web.
  - Ingestion points: External web content is ingested into the agent context via 'tinyfish agent run' calls in SKILL.md.
  - Boundary markers: The skill does not use explicit delimiters or specific 'ignore embedded instructions' warnings when interpolating retrieved web content into synthesis prompts.
  - Capability inventory: The skill can execute shell commands via the TinyFish CLI and perform local file system writes to create the knowledge base.
  - Sanitization: No evidence of content sanitization, escaping, or validation of the retrieved web data is present before it is used to generate the final knowledge base pages.