auto
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to automate the lifecycle of a task, culminating in the execution of generated code. According to the behavior description, it generates a 'Seed' and initiates execution once the code reaches an 'A-grade' standard.
- [PROMPT_INJECTION]: The skill processes a user-supplied
goalthrough theouroboros_autotool. This represents an attack surface for indirect prompt injection, as the instructions provided in the goal directly influence the subsequent code generation and execution steps. - Ingestion points: User input provided via the
goalargument (SKILL.md). - Boundary markers: None explicitly defined in the skill instructions to separate user input from internal logic.
- Capability inventory: The pipeline performs autonomous execution and repair of generated code (SKILL.md).
- Sanitization: Not specified within the skill instructions; relies on the underlying MCP tool's implementation.
Audit Metadata