Skills
skills/derek-x-wang/skills/life-os/Gen Agent Trust Hub

life-os

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on shell command execution for its core synchronization and management tasks. Mandatory commands include git pull, git add, git commit, and git push across all reference files (references/ingest.md, references/lint.md, references/remember.md, references/status.md, references/today.md). Additionally, it uses rm to delete processed files and mv to relocate assets within the local file system.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via the /ingest command defined in references/ingest.md.\n
  • Ingestion points: The agent is instructed to read untrusted markdown, image, and PDF files from the inbox/ directory.\n
  • Boundary markers: The instructions lack specific boundary markers or safety warnings to ignore instructions embedded within the ingested files.\n
  • Capability inventory: The agent has broad permissions, including shell execution (git, rm, mv) and the ability to modify the agent's persistent memory (MEMORY.md) and specific local project paths.\n
  • Sanitization: There is no evidence of content sanitization or validation before the ingested data is processed by the agent, potentially allowing a malicious file to influence the agent's behavior.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 11:11 PM