kong-zi
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of natural language instructions and research-based content designed to simulate a specific persona. It does not include any scripts, commands, or tool invocations.
- [REMOTE_CODE_EXECUTION]: No remote script downloads or dynamic execution patterns were identified. The installation command mentioned in the documentation (
npx skills add OpenDemon/kong-zi-skill) is a standard platform setup instruction and does not represent a runtime risk within the skill's logic. - [DATA_EXFILTRATION]: No network operations or access to sensitive local files (such as credentials or environment variables) were detected.
- [PROMPT_INJECTION]: The instructions establish a personality and worldview without attempting to bypass safety guardrails, override system instructions, or extract system prompts.
- [EXTERNAL_DOWNLOADS]: The skill references several external research sources (Wikipedia, Philosophy China, etc.) to support its persona development. These are documented neutrally as authoritative references and do not involve runtime downloads of executable content.
Audit Metadata