harness-graph
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses bash commands and an inline Python script to manage its local data store in the user's home directory. This is used solely for persisting the knowledge graph state.
- [SAFE]: Data persistence is handled via standard JSON serialization using Python's built-in modules. The update logic uses json.loads to safely parse incoming data before merging it into the local graph.
- [SAFE]: Analysis of indirect prompt injection surface: (1) Ingestion points: user-provided seed text is processed into nodes. (2) Boundary markers: none. (3) Capability inventory: local file system read and write. (4) Sanitization: data is stored as structured JSON, preventing interpretation as commands. The risk is low and consistent with the skill's intended purpose.
Audit Metadata