experiment-craft

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by processing external data as part of its diagnostic flow.
      • Ingestion points: The skill uses read_file to collect failure cases and analyze results from experiment logs as described in SKILL.md and references/debugging-methodology.md.
      • Boundary markers: The instructions do not specify any delimiters or warnings to ignore commands embedded in the processed data.
      • Capability inventory: The skill has access to write_file, edit_file, and execute tools (allowed in SKILL.md) to perform actions based on the analysis.
      • Sanitization: There is no evidence of sanitization or validation of the ingested experiment data.
  • [COMMAND_EXECUTION]: The skill uses the execute tool to run code for verifying experimental hypotheses and implementation fixes, which is a high-privilege capability necessary for its function.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 17, 2026, 03:11 PM