skill-knowledge-work
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns such as prompt injection, data exfiltration, or unauthorized command execution were detected in the instructions.
- [DATA_EXPOSURE]: The skill manages cross-task persistence by reading and writing to the .claude-octopus/learnings/ directory. This is documented as a feature for session memory with specific budget controls (max 50 files, lightweight JSON) to prevent resource exhaustion or significant data leakage.
- [COMMAND_EXECUTION]: The skill defines internal agent commands (e.g., /octo:km) for state management. These are not passed to the system shell and do not represent a risk of arbitrary command execution.
Audit Metadata