ce-optimize
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes arbitrary shell commands defined in the optimization spec's
measurement.commandfield viascripts/measure.sh. This is an intended core feature for running test suites or benchmarks. - [DATA_EXFILTRATION]:
scripts/experiment-worktree.shcopies existing.envfiles from the repository root to isolated experiment worktrees. This is performed locally to enable experiments to run with necessary environment variables and does not involve external transmission. - [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted code and measurement results which are then fed back into the LLM context for evaluation. It uses XML-like boundary markers in
references/experiment-prompt-template.mdandreferences/judge-prompt-template.mdto mitigate potential instruction leakage from the processed data.
Audit Metadata