skills/akillness/jeo-skills/graphify/Gen Agent Trust Hub

graphify

Warn

Audited by Gen Agent Trust Hub on Jun 27, 2026

Risk Level: MEDIUMREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill includes a Python script (scripts/patch_wikilink.py) designed to perform in-place modification of installed library files in the environment's site-packages directory. This script utilizes the exec() function to execute dynamically generated code blocks during its self-test routine.\n- [EXTERNAL_DOWNLOADS]: The skill directs the agent to download and install the graphifyy package from the public PyPI registry and references external documentation on GitHub.\n- [COMMAND_EXECUTION]: The skill relies on multiple shell commands to manage the environment, including package installation via pip, executing the patching script, and invoking the graphify CLI for graph building and querying.\n- [PROMPT_INJECTION]: The skill ingests untrusted data from user repositories and mixed-media corpora (code, docs, screenshots) to build persistent graphs. It does not provide explicit boundary markers or sanitization instructions to handle potentially malicious content embedded within the processed data, creating a surface for indirect prompt injection.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 27, 2026, 04:58 AM
Security Audit — agent-trust-hub — graphify