skills/duyet/codex-claude-plugins/okf/Gen Agent Trust Hub

okf

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a bundled Python script (validate_okf.py) to perform mechanical checks for OKF v0.1 conformance on local directories.
  • [SAFE]: Performs standard file system operations, such as creating directories and writing markdown files with YAML frontmatter, which are necessary for the skill's stated purpose of knowledge catalog management.
  • [SAFE]: References official documentation from the Google Cloud Platform GitHub repository for format specifications.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection because it reads and processes markdown content from potentially untrusted knowledge bundles.
  • Ingestion points: File reading logic in SKILL.md (Generate / refresh index.md) and the validate_okf.py script.
  • Boundary markers: No specific delimiters or safety instructions are defined to separate ingested bundle content from the agent's logic.
  • Capability inventory: The agent can write files and execute local validation scripts.
  • Sanitization: No explicit sanitization or content validation is performed on the descriptions extracted from concept files.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 07:18 AM
Security Audit — agent-trust-hub — okf