kdocs
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Setup scripts (setup.sh, setup.ps1, setup.cjs) and the main skill instructions perform shell operations to install the kdocs-cli utility and carry out document operations like file deletion, renaming, and permission management.
- [EXTERNAL_DOWNLOADS]: The skill's installation process fetches platform-specific binaries and checksums from the vendor's official CDN (wpsai.wpscdn.cn).
- [PROMPT_INJECTION]: The skill processes untrusted document data and web page content through functions like read_file and scrape_url, which serves as a potential surface for indirect prompt injection.
- Ingestion points: Document reading tools (read_file, otl.block_query) and web scraping tools (scrape_url) in SKILL.md and multiple reference files.
- Boundary markers: No explicit instructions are provided to separate user-controlled data from internal agent instructions.
- Capability inventory: Comprehensive document and file system interaction via kdocs-cli, including file deletion, sharing, and content modification.
- Sanitization: No visible content filtering or instruction scrubbing is implemented within the skill definition.
Audit Metadata