kb-ingest
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs local file management tasks within the project workspace, such as reading markdown files and creating knowledge base entries. It does not attempt any network communication, remote code execution, or unauthorized file access.
- [PROMPT_INJECTION]: The skill includes instructions to ingest and process content from user-provided files. While this creates a surface for indirect prompt injection (where malicious content in source files could influence future agent actions), the risk is mitigated by a mandatory human-in-the-loop confirmation step (Step 4) and explicit instructions to distill content into concise rules rather than copying it verbatim.
- [CREDENTIALS_UNSAFE]: The skill proactively addresses secret management by including a specific security rule that forbids the storage of API keys, tokens, or passwords within the Knowledge Base, recommending instead the use of environment variable patterns.