kotlin-multiplatform-libraries-expert
Pass
Audited by Gen Agent Trust Hub on Jun 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill performs network requests to the klibs.io registry and its MCP server at
https://api.klibs.io/mcp. These requests are used to retrieve library versions, Gradle dependency coordinates, and target platform compatibility data. - [PROMPT_INJECTION]: The skill ingests and processes untrusted data from an external source, specifically package descriptions and README content from the klibs.io repository. This represents an indirect prompt injection surface where a malicious package author could attempt to influence agent behavior through instructions embedded in the library's metadata.
Audit Metadata