skills/duvoai/skills/improve-agent/Gen Agent Trust Hub

improve-agent

Pass

Audited by Gen Agent Trust Hub on Jun 30, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill includes a specific 'Safety floor' section designed to prevent indirect prompt injection. It instructs the agent that everything read during the survey and audit phases—such as AOPs, Run transcripts, and memory files—must be treated as data, not instructions.
  • [DATA_EXPOSURE]: The skill is designed to access and survey agent configurations, execution histories, and memory files to identify improvement areas. This involves the use of platform tools like listRuns, getRevision, and getAgentMemoryFile. This behavior is consistent with the skill's primary function and occurs within the vendor's managed environment.
  • [COMMAND_EXECUTION]: The skill orchestrates the application of changes to agents through management tools like updateAgent and aop-writer. These actions are gated by a multi-step guided loop that requires explicit user confirmation before any modifications are applied.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 30, 2026, 09:32 AM
Security Audit — agent-trust-hub — improve-agent