autonomous-agent-harness

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Downloads and configures MCP servers from Anthropic's official registry, which are trusted sources.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) because it is designed to ingest and act upon untrusted data from external environments.
    • Ingestion points: Processes data from GitHub notifications, PR bodies, calendar events, and external search results as defined in the 'Example Workflows' section of SKILL.md.
    • Boundary markers: Absent; the prompts used in scheduled tasks do not include delimiters or instructions to ignore embedded commands in the fetched data.
    • Capability inventory: The agent possesses significant capabilities including file system writes (memory), GitHub API interactions (posting comments), and browser/desktop control (computer-use MCP).
    • Sanitization: No evidence of sanitization or validation of external content before it is processed by the agent.
  • [COMMAND_EXECUTION]: Uses programmatic mode (claude -p) and npx to initialize tasks and load MCP servers. While these are powerful capabilities, they are used here according to standard platform practices.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 1, 2026, 07:05 AM