discover
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Orchestrates the initialization and optimization workflow through shell commands, including the use of git for workspace management and the evo CLI for experiment execution.\n- [EXTERNAL_DOWNLOADS]: References official vendor packages (evo-hq-agent and @evo-hq/evo-agent) for codebase instrumentation. The skill instructions explicitly mandate that the agent must obtain user confirmation before performing any package installations.\n- [COMMAND_EXECUTION]: Performs dynamic script generation to create benchmark harnesses based on internal templates. These scripts are subsequently executed locally to establish baseline performance metrics.\n- [PROMPT_INJECTION]: Ingests and analyzes repository content (README files, entry points, and source code) to determine optimization targets, which presents a surface for indirect prompt injection.\n
- Ingestion points: Reads project documentation and source code during the discovery phase in SKILL.md.\n
- Boundary markers: Absent; the skill does not specify the use of delimiters when reading external repository data.\n
- Capability inventory: The skill has permissions to write to the file system (.evo/ directory) and execute shell commands (git, evo, and generated benchmarks).\n
- Sanitization: None detected; the skill does not explicitly filter or sanitize content ingested from the repository before processing.
Audit Metadata