meditation

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill directs the agent to execute a local script node .github/muscles/meditation-snapshot.cjs to update session metadata in .github/quality/meditation-snapshot.json and manage the archive of project chronicles.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting conversation history and user-provided insights to update persistent instruction files such as .github/copilot-instructions.md and .github/instructions/*.instructions.md.
  • Ingestion points: User actions, fixed bugs, features added, and surprising discoveries processed during the 'Review' phase in SKILL.md.
  • Boundary markers: No specific delimiters or warnings for embedded instructions are provided for the content being persisted.
  • Capability inventory: The skill modifies high-privilege instruction and configuration files and executes local maintenance scripts.
  • Sanitization: There is no mention of sanitization or validation of extracted insights before they are recorded into the project's behavioral instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 10:33 AM
Security Audit — agent-trust-hub — meditation