skills/evo-hq/evo/optimize/Gen Agent Trust Hub

optimize

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Orchestrates a complex workflow through extensive use of the evo CLI. It manages background processes and parallel sub-agent lifecycles across various host environments using tools like evo dispatch and native host primitives (e.g., Bash(run_in_background=true) on Claude Code).
  • [INDIRECT_PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing external data from benchmark outcomes and execution traces.
  • Ingestion points: Reads outcome.json and traces/task_*.json in steps 1, 2, 3, and 6 to identify failure patterns.
  • Boundary markers: Employs dedicated "scan sub-agents" explicitly restricted to read-only operations and forbidden from running experiments or editing code to ensure analysis remains isolated from execution.
  • Capability inventory: Employs evo new and evo run which facilitate code modification and execution, along with background bash processes for orchestration.
  • Sanitization: Relies on orchestrator verification steps and structured brief generation to ensure findings are supported by verbatim evidence rather than speculative or injected content.
  • [DYNAMIC_EXECUTION]: The skill is designed to perform runtime code generation and execution as part of its primary optimization purpose. It directs sub-agents to form edits, modify source code within experiment worktrees, and evaluate those changes using the evo run command within an isolated environment.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 12:29 PM
Security Audit — agent-trust-hub — optimize