design-persona
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
covalCLI to manage resources, including authentication (coval login), resource listing, and persona creation (coval personas create). - [PROMPT_INJECTION]: The skill incorporates external data from user arguments and agent metadata into natural language prompts for persona creation, representing an indirect prompt injection surface. (1) Ingestion points:
$ARGUMENTSand agent data fromcoval agents get. (2) Boundary markers: Absent. (3) Capability inventory: CLI-based persona creation. (4) Sanitization: None detected.
Audit Metadata