Skills
skills/konecty/skills/konecty-modules/Gen Agent Trust Hub

konecty-modules

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The script scripts/modules.py reads sensitive configuration data from ~/.konecty/.env and ~/.konecty/credentials to manage session access to the Konecty API.\n- [PROMPT_INJECTION]: The skill processes and displays external data from the Konecty API, which could be used for indirect prompt injection if the source is compromised.\n
  • Ingestion points: Data is fetched in scripts/modules.py from the /rest/query/explorer/modules endpoint.\n
  • Boundary markers: The output does not include delimiters or warnings to ignore instructions within the API data.\n
  • Capability inventory: The script's operations are restricted to printing information to stdout; it has no capabilities for executing commands or modifying the system.\n
  • Sanitization: There is no sanitization or validation of module and field names returned by the API.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 17, 2026, 07:25 PM
Security Audit — agent-trust-hub — konecty-modules