okf
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a bundled Python script (
validate_okf.py) to perform mechanical checks for OKF v0.1 conformance on local directories. - [SAFE]: Performs standard file system operations, such as creating directories and writing markdown files with YAML frontmatter, which are necessary for the skill's stated purpose of knowledge catalog management.
- [SAFE]: References official documentation from the Google Cloud Platform GitHub repository for format specifications.
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection because it reads and processes markdown content from potentially untrusted knowledge bundles.
- Ingestion points: File reading logic in
SKILL.md(Generate / refreshindex.md) and thevalidate_okf.pyscript. - Boundary markers: No specific delimiters or safety instructions are defined to separate ingested bundle content from the agent's logic.
- Capability inventory: The agent can write files and execute local validation scripts.
- Sanitization: No explicit sanitization or content validation is performed on the descriptions extracted from concept files.
Audit Metadata