Skills
skills/humanplane/homunculus/instinct-apply/Gen Agent Trust Hub

instinct-apply

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill is designed to ingest and follow instructions from external files, which creates a vulnerability surface if those files contain malicious instructions.
  • Ingestion points: Files located in .claude/homunculus/instincts/personal/ and .claude/homunculus/instincts/inherited/.
  • Boundary markers: Absent. Content is read directly into the context using cat with only a filename header, which may not be sufficient to prevent the agent from confusing file content with system instructions.
  • Capability inventory: The skill uses bash to execute cat and basename commands to list and read files.
  • Sanitization: Absent. The skill does not validate or sanitize the content of the markdown files before displaying them to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:27 PM