nav-compact
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill uses bash commands (
echoandls) to manage local state files in the.agent/.context-markers/directory. These operations are restricted to the local workspace and do not involve sensitive system paths. - INDIRECT_PROMPT_INJECTION (LOW): The skill ingests untrusted data by summarizing the last 15 messages of a conversation to create a context marker. While this is an ingestion point for untrusted content, the impact is limited to local state preservation, and the skill does not have capabilities (like network access or arbitrary code execution) that would escalate this to a higher risk level.
- DATA_EXPOSURE (SAFE): The skill writes summaries and metadata to local files. It does not access credentials, SSH keys, or environment variables.
Audit Metadata