versioning-constitutions
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill instructs the agent to execute shell commands like mkdir, cp, rm, and ln to maintain directory structures. These are standard file management operations but involve direct shell interaction.
- [PROMPT_INJECTION] (LOW): The skill has an indirect prompt injection surface (Category 8) because it reads and updates 'constitution' files which define the rules for agent behavior. 1. Ingestion points: docs/constitutions/current/*.md. 2. Boundary markers: None identified. 3. Capability inventory: mkdir, cp, rm, ln. 4. Sanitization: None. This creates a surface where architectural rules can be modified to influence future agent reasoning.
Audit Metadata