agent-ops
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The file evals/run-static-checks.sh is a shell script intended for developer-side static analysis. It invokes local Python scripts to validate skill structure, representing a standard maintenance tool.
- [PROMPT_INJECTION]: The skill processes untrusted agent traces and tool outputs as part of its 'optimization-loop' and 'autonomous-controller' workflows. This creates an indirect prompt injection surface.
  - Ingestion points: Spans and trajectories containing external model interactions (references/playbooks/optimization-loop.md).
  - Capability inventory: Creation of audit reports and ledgers (templates/audit-report.md), and staging of automated improvements (references/playbooks/autonomous-controller.md).
  - Sanitization: The playbooks mandate privacy filtering and human review of all changes.
  - Boundary markers: Explicit delimiters for untrusted trace data were not identified in the prompt templates.
Audit Metadata