skill-evolution

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill defines procedures for corpus-level maintenance using the skill-graph toolset. Its behavior is consistent with its stated purpose of systematically auditing and improving project-specific agent skills.
  • [COMMAND_EXECUTION]: The skill teaches the agent how to execute the skill-graph evolve command with various flags (e.g., --auto-improve, --continuous). This is the primary intended function of the skill within its workspace.
  • [EXTERNAL_DOWNLOADS]: The skill references its official project repository (github.com/jacob-balslev/skill-graph) for grounding and integrity verification. This is a trusted resource provided by the author for project functionality.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The skill uses a sidecar file (audit-state.json) to track the audit status and integrity of the skill library. This is a recognized best practice for maintaining a verifiable chain of trust in agent skill management.
  • [INDIRECT_PROMPT_INJECTION]: The skill possesses a vulnerability surface as it is designed to ingest and process a library of external skills.
  • Ingestion points: Skill library corpus (configured via --skills-dir).
  • Boundary markers: Not explicitly defined in instructions for processed content.
  • Capability inventory: File modification (improve operation), CLI execution (evolve), and script evaluation (evaluate runner).
  • Sanitization: Not mentioned in the instructional text. This surface is inherent to the tool's primary purpose of corpus management and does not indicate malicious intent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 04:36 AM
Security Audit — agent-trust-hub — skill-evolution