Skills
skills/jfrac/awase-skill/awase/Gen Agent Trust Hub

awase

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands for directory management and profile resetting. These are scoped within the configuration:
  • Shell access is restricted to mkdir for creating directories and rm for deleting the specific profile file located at ~/.awase/profile.json.
  • [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection due to its core functionality of analyzing session code to create exercises.
  • Ingestion points: The skill reads active session code (SKILL.md, Step 2) to identify 'Surface' and 'Underlying' concepts for training.
  • Boundary markers: No explicit boundary markers or delimiters are specified when the extracted concepts are used to generate exercise prompts.
  • Capability inventory: The skill has access to Read, Write, and restricted Bash tools to modify the file system and manage its profile.
  • Sanitization: The instructions include a robust security section requiring the agent to redact credentials, API keys, and tokens from both the exercise output and the stored profile before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 08:24 AM