ontology
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill implements robust security for local data management. Its core script, scripts/ontology.py, uses path resolution logic to prevent directory traversal attacks and restricts all file operations to the workspace root.
- [SAFE]: The ontology schema incorporates security-conscious patterns by programmatically forbidding the storage of sensitive attributes like passwords, tokens, or API keys in the Credential entity type, enforcing the use of indirect secret references.
- [PROMPT_INJECTION]: The skill possesses a data ingestion surface for user-provided knowledge, which represents a potential indirect prompt injection vector. This risk is mitigated by structured JSONL storage and input validation in scripts/ontology.py (Evidence: 1. Ingestion points in user-defined entity properties; 2. Boundary markers provided by the JSONL record format; 3. Capability inventory includes file-writing to the local memory directory; 4. Sanitization via schema property and enum validation).
- [EXTERNAL_DOWNLOADS]: The skill references the pyyaml library for schema processing, which is an industry-standard and trusted dependency.
Audit Metadata