iii-state-management
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized external communications were detected. The skill defines standard architectural primitives for state management using internal engine triggers.
- [COMMAND_EXECUTION]: The skill documentation describes the use of
triggerfunctions to interact with the iii engine state module. These represent standard platform API calls rather than arbitrary shell command execution. - [PROMPT_INJECTION]: The skill defines a data persistence surface where untrusted data enters the agent context via
state::setandstate::updatepayloads (SKILL.md). While no boundary markers or sanitization are specified in this pattern documentation, this is documented as a potential vulnerability surface for indirect prompt injection. The capability inventory includes the ability to write to and list entries from a persistent KV store.
Audit Metadata