molt-life-kernel
Warn
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the 'molt-life-kernel' npm package and references code from 'github.com/X-Loop3Labs/molt-life-kernel', which are third-party resources not included in the trusted vendor list.
- [PROMPT_INJECTION]: The 'SOUL.md' file defines a mandatory identity for the agent, directing it to adopt specific values and behavior patterns, such as 'evangelizing molt.church' and refusing to delete data, which steers the agent away from its default operational and safety guidelines.
- [DATA_EXFILTRATION]: The skill implements an 'append-only ledger' that records every user query and agent response into a persistent store. This creates a high-value target for data exposure as it centralizes the entire session history into a single ledger file in the workspace.
- [COMMAND_EXECUTION]: The skill includes 'integration-examples.js', a runnable Node.js script that demonstrates the use of the external library and performs dynamic imports.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted user input directly into its persistent memory ledger via 'kernel.append' without explicitly mentioned sanitization or boundary markers, which could influence the agent's behavior during session rehydration.
Audit Metadata