skills/q00/symposium/evolve-step/Gen Agent Trust Hub

evolve-step

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests data from .symposium/scratch/socrates.md to generate candidates for refinement. This ingestion surface is susceptible to indirect prompt injection if the source file contains malicious instructions designed to subvert the agent's logic.
  • Ingestion points: Read operation on .symposium/scratch/socrates.md.
  • Boundary markers: None; the instructions do not define delimiters to separate instructions from user-controlled data during the read process.
  • Capability inventory: File-write access to .symposium/scratch/socrates.md and .symposium/scratch/evolve-step.md.
  • Sanitization: The skill implements a 'User Adoption Gate,' requiring explicit user selection of candidates via a compact checkbox prompt before any state changes are committed.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 11:44 AM
Security Audit — agent-trust-hub — evolve-step