mental-models
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill executes a local Python script at 00-system/mental-models/scripts/select_mental_models.py. This is a functional requirement for listing skill content and uses a static path.
- [INDIRECT_PROMPT_INJECTION] (INFO): The skill processes untrusted user input (descriptions of problems or decisions). Evidence Chain:
  1. Ingestion point: User situations in Step 2.
  2. Boundary markers: None.
  3. Capability inventory: Local script execution for listing and file reading.
  4. Sanitization: User input is used for AI model selection logic rather than being passed as arguments to the script, resulting in negligible risk.
Audit Metadata