kedb
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill is comprised entirely of markdown instructions and templates (SKILL.md, kedb-index.md, kedb-template.md). No scripts, binaries, or configuration files that could execute code are present.
- [SAFE]: Comprehensive analysis of the instructions reveals no malicious patterns, obfuscation, or safety bypass attempts. The skill follows best practices for its intended documentation purpose.
- [DATA_EXFILTRATION]: No network operations or access to sensitive system paths (like SSH keys or environment variables) were found. The skill only interacts with its internal documentation files.
- [PROMPT_INJECTION]: The skill handles data from local markdown files, which presents a surface for indirect prompt injection. 1. Ingestion points: Reads content from kedb-index.md and entries/*.md during investigation workflows. 2. Boundary markers: No specific delimiters or instructions to ignore embedded commands are present. 3. Capability inventory: Limited to writing markdown files in the local directory and updating a central index. 4. Sanitization: Content from the files is used directly without specific validation or filtering. Note: This risk is inherent to the skill's function and is mitigated by the requirement for human invocation for all write operations.
Audit Metadata