tiangong-kb-ingest

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes the tiangong-ai CLI through a Node.js wrapper script (run_kb_ingest.mjs). This execution utilizes spawnSync with shell: false, a secure implementation that prevents shell command injection by passing arguments directly to the process.
  • [CREDENTIALS_UNSAFE]: Authentication is managed via an API key (TIANGONG_AI_API_KEY) transmitted as a Bearer token. The skill includes a robust 'Safety Boundary' in SKILL.md that explicitly forbids the agent from requesting or utilizing sensitive infrastructure secrets (such as AWS, Supabase, or database credentials), demonstrating strong adherence to the principle of least privilege.
  • [EXTERNAL_DOWNLOADS]: The CLI communicates with the vendor's API endpoint at https://thuenv.tiangong.world:7300. This is the legitimate service domain for the Tiangong Knowledge Base as defined in the skill documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
May 17, 2026, 06:57 AM
Security Audit — agent-trust-hub — tiangong-kb-ingest