Skills
skills/konecty/skills/konecty-update/Gen Agent Trust Hub

konecty-update

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The script scripts/update.py reads local configuration files containing sensitive credentials at ~/.konecty/.env and ~/.konecty/credentials. This is the expected behavior for the Konecty integration to authenticate its API requests.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted data. 1. Ingestion points: The patch and update commands in scripts/update.py take data from CLI arguments. 2. Boundary markers: Absent. The instructions do not define boundaries for external data. 3. Capability inventory: The script performs network operations (HTTP PUT/POST) to the Konecty API. 4. Sanitization: No filtering or sanitization is applied to the input JSON data before it is sent to the server.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 17, 2026, 07:25 PM