when-optimizing-agent-learning-use-reasoningbank-intelligence

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill implements an indirect prompt injection surface through its adaptive learning architecture.
  • Ingestion points: The skill captures agent event data including thoughts and observations at runtime (SKILL.md, Step 2.1).
  • Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the captured trajectories.
  • Capability inventory: The skill uses learned patterns to dynamically update agent strategies via agent.updateStrategy and agent.setDecisionModel (SKILL.md, Step 3.3).
  • Sanitization: No sanitization or validation of the captured trajectory content is performed before it is used to influence the decision model.
  • [EXTERNAL_DOWNLOADS]: Fetches and installs vendor-specific dependencies including reasoningbank, agentdb, and claude-flow via npm and npx.
  • [COMMAND_EXECUTION]: Executes shell commands via npx for system initialization and skill execution (README.md, SKILL.md).
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 03:21 AM
Security Audit — agent-trust-hub — when-optimizing-agent-learning-use-reasoningbank-intelligence