continuity-kernel
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to manage local agent state (Soul Cards and Mission Tickets) using SQLite. All data is stored in the user's local state directory at ~/.local/state/continuity-kernel/. The implementation is built exclusively using the Python standard library and does not require external packages or remote dependencies.
- [COMMAND_EXECUTION]: The skill provides Python scripts for generating runtime proofs and performing shadow evaluations. These scripts facilitate local performance monitoring and state verification. They operate solely on local file paths (e.g., ~/.cache/continuity-kernel/) and do not interact with the network or execute untrusted shell commands.
- [PROMPT_INJECTION]: The skill handles evaluation traces and agent state data as structured JSON. Ingestion points include run_shadow_eval.py (via --trace-jsonl files) and store.py (via SQLite persistence). Boundary markers are established using structured JSON schemas. Capabilities are restricted to local file system operations. Sanitization is enforced through JSON encoding/decoding and parameterized SQL queries.
Audit Metadata