agentwiki

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill identifies and mitigates both direct and indirect prompt injection risks. It contains defensive instructions to ignore malicious commands (like 'ignore previous instructions') that might be present in wiki content.
    • Ingestion points: Document bodies and search results retrieved via CLI or MCP (referenced in SKILL.md).
    • Boundary markers: Explicit security policy in SKILL.md directing the agent to treat external content as data, not commands.
    • Capability inventory: CLI and MCP tools for workspace management (detailed in references/mcp-tools.md and references/cli-commands.md).
    • Sanitization: Instructions guide the agent to disregard any embedded overrides found in retrieved data.
  • [DATA_EXFILTRATION]: The skill manages authentication using API keys and a local credentials file (~/.agentwiki/credentials.json). It enforces a strict policy against logging, sharing, or exfiltrating these credentials to any third party.
  • [COMMAND_EXECUTION]: The skill uses the agentwiki CLI for management tasks. Safety protocols are included, such as requiring explicit user confirmation for destructive operations like deletions.
  • [EXTERNAL_DOWNLOADS]: The skill references the @aiagentwiki/cli package from the official npm registry, a trusted source for the platform's command-line interface.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 14, 2026, 12:26 PM
Security Audit — agent-trust-hub — agentwiki