understand-knowledge
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes bundled Python scripts (
parse-knowledge-base.py,merge-knowledge-graph.py) to process wiki data. - [COMMAND_EXECUTION]: System commands are used for maintenance and metadata retrieval.
git rev-parse HEADis called inmerge-knowledge-graph.pyto record the project state.rm -rfis used inSKILL.md(Phase 5) to clean up intermediate analysis files.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its processing of untrusted markdown content.
- Ingestion points:
parse-knowledge-base.pyreads markdown files from a user-specified directory. - Boundary markers: Absent. Instructions in
SKILL.md(Phase 3) pass raw content fromknowledgeMetadirectly to subagents without delimiters or instructions to ignore embedded commands. - Capability inventory: The skill has file-system access (read/write/delete) within the target directory and execution capabilities for local scripts.
- Sanitization: No sanitization or validation of the markdown content is performed before it is passed to LLM subagents.
Audit Metadata