retro
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
timeout_run 1 bd currentto resolve an internal context identifier (bead ID). This is a standard local operation for managing agent state and does not involve external network calls or dangerous elevated privileges. - [DATA_EXPOSURE_AND_EXFILTRATION]: The skill writes information provided by the user to local files in the
.agents/learnings/directory. No sensitive files are accessed, and no data is transmitted to external servers. - [INDIRECT_PROMPT_INJECTION]: The skill ingests user input and writes it to markdown files. While it lacks explicit sanitization, the risk is minimal as the output is stored in a dedicated directory for documentation rather than being executed as code.
Audit Metadata