Skills
skills/wentorai/research-plugins/khoj-research-guide/Gen Agent Trust Hub

khoj-research-guide

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the khoj package from the official Python Package Index (PyPI) and a Docker image from the GitHub Container Registry (ghcr.io).
  • [INDIRECT_PROMPT_INJECTION]: The skill describes a tool that indexes and processes external data (PDFs, Markdown files, and web search results). This creates a potential surface for indirect prompt injection where malicious instructions inside indexed documents could influence the agent's behavior.
  • Ingestion points: Local document directories and web search results are ingested by the Khoj server.
  • Boundary markers: No specific boundary markers or safety delimiters are defined in the integration guide's code snippets.
  • Capability inventory: The skill demonstrates how to interact with the Khoj API and manage local environment variables for model access.
  • Sanitization: Relies on the internal processing and safety mechanisms of the Khoj application.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 13, 2026, 04:35 AM