knowledge-locator
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to execute a local Python script `scripts/palace_manager.py` to perform search, listing, and indexing operations. This behavior is consistent with the skill's stated purpose of managing and navigating stored knowledge.
- [PROMPT_INJECTION]: The skill acts as a retrieval interface for external data sources ('memory palaces'). While this creates an attack surface for indirect prompt injection, no active malicious instructions were found in the static analysis.
  - Ingestion points: The agent ingests data returned by `scripts/palace_manager.py` (SKILL.md).
  - Boundary markers: There are no explicit boundary markers or instructions provided to the model to ignore potential instructions embedded in the retrieved data.
  - Capability inventory: The skill calls `scripts/palace_manager.py` via shell commands.
  - Sanitization: There is no evidence of sanitization or filtering of the retrieved data before it is presented to the model context.
Audit Metadata