evolve
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill operates as a high-level orchestrator for repository maintenance and improvement. It includes safety mechanisms like a 60-minute circuit breaker, oscillation detection, and regression gates to auto-revert failed changes.
- [COMMAND_EXECUTION]: The skill executes local scripts (e.g., evolve-measure-fitness.sh) and invokes other skills (e.g., /rpi, /test, /deps) to perform its functions. These operations are restricted to the local environment and the current repository context.
- [DATA_EXFILTRATION]: Performs 'git push' to synchronize autonomous changes with the remote repository. This behavior is documented and required for its primary function of autonomous compounding improvement.
- [PROMPT_INJECTION]: Ingests task descriptions from external sources (next-work.jsonl and roadmap files) and interpolates them into sub-skill commands. This constitutes an indirect prompt injection surface, which is an inherent risk of its orchestration architecture. Evidence includes the use of unvalidated work titles from '.agents/rpi/next-work.jsonl' being passed to the /rpi skill.
Audit Metadata