skills/hoetaek/leaf/leaf-profile/Gen Agent Trust Hub

leaf-profile

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the leaf profile command to retrieve and merge configuration data from global and repository-specific profile files.
  • [PROMPT_INJECTION]: The skill manages a memory system that stores user instructions and requirements in profile files, which are later read and followed by the agent, creating a surface for indirect prompt injection.
      • Ingestion points: Data is ingested from ~/.config/leaf/profile.md and .leaf/PROFILE.md via the leaf profile command output.
      • Boundary markers: No explicit delimiters or instructions are used to distinguish stored profile content from current task instructions.
      • Capability inventory: The skill has the capability to read and modify files in the user's configuration and repository directories via shell commands.
      • Sanitization: There is no evidence of sanitization or validation performed on the content retrieved from or written to the profile files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 13, 2026, 07:40 AM