argent-lens

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires the agent to execute external CLI tools, such as the argent utility and modules like argent-ios-simulator-setup and debugger-reload-metro, to manage the device environment and application state.
  • [PROMPT_INJECTION]: The workflow processes feedback from the await_user_selection tool, which presents a surface for indirect prompt injection as comments and annotations are treated as instructions to be executed.
  • Ingestion points: Human-provided feedback and annotations returned by the await_user_selection tool.
  • Boundary markers: The skill instructions do not specify the use of delimiters or provide instructions to ignore malicious commands within user comments.
  • Capability inventory: The agent has the capability to modify code, reload applications, and perform interactive device operations.
  • Sanitization: There is no mention of sanitizing or validating user input before the agent is instructed to act on the feedback.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 02:14 PM
Security Audit — agent-trust-hub — argent-lens