knowledge-graph-creation
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were detected in the skill file.
- [NO_CODE]: The skill consists entirely of descriptive markdown and prompt instructions without any accompanying scripts or binary executables.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and process untrusted text documents to extract entities and relationships. While this constitutes an attack surface for indirect prompt injection, the skill's capabilities are limited to generating static data formats (Cypher, Mermaid, JSON-LD) and do not include any high-risk operations such as command execution or file system modification.
- Ingestion points: Processes user-provided text passages and documents (SKILL.md).
- Boundary markers: None explicitly defined to separate input text from processing instructions.
- Capability inventory: Limited to generating text-based graph representations; no subprocess, network, or file-write capabilities are present.
- Sanitization: No explicit sanitization or filtering of input text is described in the workflow.
Audit Metadata