skills/danielmiessler/lifeos/Migrate/Gen Agent Trust Hub

Migrate

Pass

Audited by Gen Agent Trust Hub on Jun 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local shell commands using the bun runtime to run classification and approval scripts (MigrateScan.ts, MigrateApprove.ts).
  • [COMMAND_EXECUTION]: Initiates a background network request to localhost:31337 using curl for status notifications.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it is designed to ingest and process untrusted external content (e.g., Cursor rules, journal dumps, stdin) that could contain malicious instructions.
  • Ingestion points: Processes data from arbitrary file paths, directory recursion, and stdin via the MigrateScan.ts tool.
  • Boundary markers: Implements provenance tracking by wrapping committed content in HTML comments noting the source file, section, and timestamp.
  • Capability inventory: Has the ability to read arbitrary user files and write to system-critical agent files such as memory/feedback_*.md (rules) and USER/PRINCIPAL_IDENTITY.md.
  • Sanitization: Employs a tiered confidence system (≥70% auto-approve; 40-70% confirm; <40% walk-through) and explicitly prevents bulk-approval of 'UNCLEAR' chunks to ensure human oversight of high-risk or ambiguous content.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 30, 2026, 03:33 PM
Security Audit — agent-trust-hub — Migrate