skills/kdocs-app/kdocs-skill/kdocs/Gen Agent Trust Hub

kdocs

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Setup scripts (setup.sh, setup.ps1, setup.cjs) and the main skill instructions perform shell operations to install the kdocs-cli utility and carry out document operations like file deletion, renaming, and permission management.
  • [EXTERNAL_DOWNLOADS]: The skill's installation process fetches platform-specific binaries and checksums from the vendor's official CDN (wpsai.wpscdn.cn).
  • [PROMPT_INJECTION]: The skill processes untrusted document data and web page content through functions like read_file and scrape_url, which serves as a potential surface for indirect prompt injection.
  • Ingestion points: Document reading tools (read_file, otl.block_query) and web scraping tools (scrape_url) in SKILL.md and multiple reference files.
  • Boundary markers: No explicit instructions are provided to separate user-controlled data from internal agent instructions.
  • Capability inventory: Comprehensive document and file system interaction via kdocs-cli, including file deletion, sharing, and content modification.
  • Sanitization: No visible content filtering or instruction scrubbing is implemented within the skill definition.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 12:01 AM
Security Audit — agent-trust-hub — kdocs