Skills
skills/danielmiessler/personal_ai_infrastructure/WorldThreatModelHarness/Gen Agent Trust Hub

WorldThreatModelHarness

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The workflows in TestIdea.md, UpdateModels.md, and ViewModels.md use curl to send POST requests to http://localhost:8888/notify. This is used to provide the user with voice notifications regarding the status of the long-running analysis and research tasks.
  • [PROMPT_INJECTION]: The skill's UpdateModels.md workflow ingests data from web research and user-provided analysis to generate world model documents. Because these documents are later used as context for the TestIdea.md workflow, there is a potential surface for indirect prompt injection. However, the risk is mitigated by the structured nature of the ModelTemplate.md and the adversarial nature of the testing tiers (using RedTeam and FirstPrinciples skills).
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 16, 2026, 11:43 AM