curating-library-kg
Pass
Audited by Gen Agent Trust Hub on Jun 30, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes MATLAB functions such as `library.kg.Populate.run` and `library.LibraryCuration.save` to manage project metadata. These operations are restricted to the local project environment and are intended for library curation within the Simulink ecosystem.
- [PROMPT_INJECTION]: The skill processes library content and existing index files, creating a vulnerability surface for indirect prompt injection (Category 8).
  1. Ingestion points: Reads metadata from `.slx` files and curation state from `.satk/library-kg/index.md` and `common.md`.
  2. Boundary markers: Absent; the instructions do not specify the use of delimiters when summarizing external content to the user.
  3. Capability inventory: File write access to `.satk/library-curation.json` and execution of knowledge graph population routines via the MATLAB environment (SKILL.md).
  4. Sanitization: The skill instructions rely on the structured vendor-provided `library.*` API namespace to handle data parsing and validation, which mitigates raw payload execution.
Audit Metadata