picoclaw-self-pen-testing
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs local, read-only posture-review analysis against an existing Picoclaw posture profile using built-in Node.js modules without any network connectivity or sensitive data access.
- [PROMPT_INJECTION]: The skill processes external JSON profile data which serves as an indirect prompt injection surface if the input file is controlled by an attacker.
  - Ingestion points: scripts/self_pen_test.mjs reads the file provided via the --profile command-line argument.
  - Boundary markers: Findings are output as structured JSON, but the skill does not wrap the interpolated data with specific boundary markers or instructions to ignore embedded commands.
  - Capability inventory: The skill has local file system read access (node:fs) to access the profile file, but no network or write capabilities are present.
  - Sanitization: There is no sanitization or validation of the profile data before it is processed and reflected in the output findings.
Audit Metadata