NYC

omo-agents

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [Prompt Injection] (SAFE): The instructions focus on task coordination and do not contain attempts to bypass AI safety guidelines or override system prompts.
  • [Data Exposure & Exfiltration] (SAFE): No hardcoded secrets, sensitive file paths, or outbound network operations were detected.
  • [Remote Code Execution] (SAFE): There are no commands for downloading or executing external scripts (e.g., curl/wget piped to bash).
  • [Indirect Prompt Injection] (LOW): The 'Explore' and 'Librarian' agents ingest external data (code, documentation), which represents a potential attack surface, but the skill itself neither implements malicious triggers nor lacks basic safety context. Evidence: Ingestion points: codebase and external docs via @explore and @librarian; Boundary markers: Absent; Capability inventory: Search, read, and coordination; Sanitization: Absent.
  • [Persistence & Privilege Escalation] (SAFE): No commands for modifying system startup files or acquiring root privileges were found.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:14 PM