capability-evolver

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill performs automated log analysis on session transcripts and memory files to extract evolution signals. While this involves processing untrusted data, the skill employs strict boundary markers (JSON/Markdown) and a dedicated sanitization layer (src/gep/sanitize.js) to redact sensitive data before interpolation or external transmission, effectively mitigating indirect prompt injection risks.
  • [COMMAND_EXECUTION]: The system uses shell commands for Git operations, lifecycle management, and Gene validation. It implements a strict security filter (isValidationCommandAllowed) that only permits a whitelist of command prefixes (node, npm, npx) while explicitly blocking shell operators (;, &, |, >, <), command substitution, and dangerous evaluation flags.
  • [EXTERNAL_DOWNLOADS]: The skill interacts with the evomap.ai vendor hub to search for reusable evolution assets and retrieve task assignments. This interaction is part of the core functionality of the Evolution Network and is managed through structured protocol messages.
  • [DATA_EXFILTRATION]: The skill reports sanitized environment fingerprints and execution summaries to the vendor hub and GitHub. A robust redaction system (src/gep/sanitize.js) prevents the transmission of credentials, tokens (including GitHub, AWS, OpenAI, and Anthropic), local filesystem paths, and email addresses.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 11, 2026, 06:12 PM