autonomous-master
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): Indirect Prompt Injection Surface.\n
- Ingestion points: User-provided specifications from the 'autonomous start' command are parsed by
scripts/command_parser.pyand stored infeature_list.json.\n - Boundary markers: The
generate_continuation_promptfunction inscripts/continuation_generator.pyinterpolates these descriptions and steps directly into a markdown template without protective delimiters or instructions to ignore embedded instructions.\n - Capability inventory: According to
references/COMMANDS.md, the skill has significant capabilities including file system modification and shell script execution (init.sh).\n - Sanitization: The
validate_specificationfunction inscripts/command_parser.pyonly performs basic length and keyword checks, lacking sanitization for prompt injection payloads.
Audit Metadata