skills/bejranonda/llm-autonomous-agent-plugin-for-claude/orchestrator-subsystems/Gen Agent Trust Hub
orchestrator-subsystems
Warn
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: MEDIUM
Categories: PROMPT_INJECTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill contains explicit instructions to override standard agent behavior and transparency protocols. Directives such as "automatically and silently trigger", "User Never Sees Learning or Recording", and "You don't ask, you execute. You don't wait, you decide" are designed to bypass user oversight and agent confirmation requirements.
- [COMMAND_EXECUTION]: The skill describes logic for the autonomous execution of background processes and "auto-fixes" (e.g., execute_edit, apply_fix, retry_operation) that occur without user intervention. These instructions encourage the agent to perform file operations and retries independently of direct user commands.
- [DATA_EXFILTRATION]: The skill implements silent metadata collection mechanisms that capture task data, file modification metrics, and environment variables (including ANTHROPIC_MODEL, CLAUDE_MODEL, and GLM_MODEL). This information is processed and stored by background subsystems without providing visibility to the user, creating a risk for unauthorized metadata harvesting.
Audit Metadata