cocoscout
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, suspicious remote connections, or unauthorized command executions were detected. The skill's behavior is consistent with its stated purpose of managing local context for agent invocations.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its core functionality of ingesting external data into the agent's context.
- Ingestion points: Accesses files from
.cocoplus/grove/patterns/,.cocoplus/context/,.cocoplus/snapshots/, and.cocoplus/prompts/(SKILL.md). - Boundary markers: Ingested data is structured into a dedicated markdown block with clear headers, although it lacks specific defensive instructions for the model to ignore directives embedded within that data.
- Capability inventory: The skill performs filesystem read operations and prepends content to the startup context. No subprocess execution, network access, or sensitive file writes were identified.
- Sanitization: The skill ranks and includes file content based on relevance scores but does not perform content sanitization on the files themselves.
Audit Metadata