evolve-skill

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses various bash commands (cat, grep, mkdir, cp, ln, git diff) to read, copy, and link skill files. This includes creating symbolic links in the ~/.claude/skills/ directory to enable skill discovery.
  • [PROMPT_INJECTION]: This skill presents an indirect prompt injection surface as it ingests and processes untrusted content from existing SKILL.md files. This could lead to the agent following instructions embedded within the data it is supposed to be 'evolving'.
    • Ingestion points: Reads target skill files using cat and grep in Step 1 and Step 6.
    • Boundary markers: No explicit delimiters are used when processing the content of the skills being updated.
    • Capability inventory: Has permissions to write and edit files, execute shell commands, and create symbolic links.
    • Sanitization: No evidence of input validation or sanitization of the content read from the SKILL.md files.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 17, 2026, 10:18 PM