skill-iterative-loop
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill features a 'Metric Verification Mode' that accepts and executes arbitrary shell commands through the
MetricandGuardparameters. These commands are used to automate measurement and verification during iterative loops. - [COMMAND_EXECUTION]: The skill performs automated Git operations including
git add -A,git commit, andgit revertas part of its experiment and rollback lifecycle. - [PROMPT_INJECTION]: The skill is configured to automatically activate based on specific natural language triggers such as "loop X times" or "loop around N times". This allows for seamless integration but acts as a wide trigger surface for iterative task execution.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests configuration data from a local file at
~/.claude-octopus/loop-config.confto override its self-regulation weights and thresholds. - Ingestion points: Reads configuration from
~/.claude-octopus/loop-config.conf(SKILL.md). - Boundary markers: Absent; the skill directly parses key=value pairs from the configuration file.
- Capability inventory: Arbitrary shell command execution via
Metric/Guardparameters and Git repository manipulation viagitcommands. - Sanitization: Absent; the skill uses the values directly to adjust its safety logic and iteration limits.
- [DYNAMIC_EXECUTION]: The skill dynamically assembles and executes shell command strings for metric measurement and guard verification based on user-provided input parameters.
Audit Metadata