krt-security-sentinel
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's instructions focus on defensive security auditing and include explicit guardrails against common attack vectors like data exfiltration, unauthorized network scanning, and improper secret handling.
- [PROMPT_INJECTION]: The skill possesses an inherent attack surface for indirect prompt injection due to its requirement to process untrusted data from repository files and PR descriptions.
  - Ingestion points: Reads repository files, diffs, and plan documents as specified in SKILL.md and references/compound-master-integration.md.
  - Boundary markers: No specific boundary markers or instructions to isolate untrusted data are present.
  - Capability inventory: The agent can execute local shell commands and modify local files for remediation purposes (referenced in SKILL.md).
  - Sanitization: No input sanitization or data validation processes are defined for the analyzed content.
Audit Metadata