aeon-autoresearch
Warn
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONNO_CODE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to perform file system operations, including reading, creating, and overwriting
SKILL.mdfiles. It also specifies the use of shell-based version control commands such asgit branchandgit mergeto manage instruction variations. - [DYNAMIC_EXECUTION]: The primary purpose of the skill is to generate new instructional logic (variations A, B, C, D) and programmatically apply them to replace existing operational code. This dynamic modification of the agent's executable instructions represents a high-risk capability that could be used to introduce unauthorized behaviors.
- [INDIRECT_PROMPT_INJECTION]: By acting as a transformation engine for other instructions, the skill creates a broad attack surface. If the 'target' skill contains malicious patterns or if the generation process is subverted, the agent could inadvertently propagate or escalate prompt injection attacks within its own environment.
Audit Metadata