principle-laziness-protocol

Pass

Audited by Gen Agent Trust Hub on Jul 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute local commands using codex exec and the spawn-codex-worker script for task delegation. These are presented as standard operational procedures for the agent within its host environment.
  • [PROMPT_INJECTION]: The skill defines behavioral overrides and model selection policies, which guide the agent's internal reasoning and delegation logic.
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection via the processing of untrusted subagent outputs and task calls.
  • Ingestion points: Task or subagent calls as described in SKILL.md.
  • Boundary markers: None present in the instructions.
  • Capability inventory: Execution of codex exec, spawn-codex-worker, host terminal tools, and git utilities (SKILL.md).
  • Sanitization: No specific sanitization, validation, or escaping of input data is mentioned.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 10, 2026, 04:47 PM