short-form-eval
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill employs the
WebFetchtool to retrieve content from external URLs for evaluation. This is standard behavior for its intended use case. - [COMMAND_EXECUTION]: It executes the local script
bun meta-skills/scripts/manifest-sync.tsto maintain the agent's internal state, which is a safe project-level operation. - [SAFE]: Evaluation of indirect prompt injection surfaces: (1) Ingestion points: Data is fetched from user-provided post URLs. (2) Boundary markers: Content is passed as context to sub-agents without explicit sanitization headers. (3) Capability inventory: The agent has access to file writing and local command execution. (4) Sanitization: While explicit sanitization is absent, the rigid output schemas and the multi-agent validation process (Critic agent) provide inherent mitigation against adversarial content.
Audit Metadata