eve-agent-optimisation
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized network operations were detected in the skill content.
- [COMMAND_EXECUTION]: The skill uses the vendor-specific 'eve' CLI toolset (
eve job diagnose,eve job logs,eve job receipt) to access diagnostic metadata. These commands are used for their intended purpose of performance analysis. - [PROMPT_INJECTION]: The skill processes agent execution logs, which constitutes an indirect prompt injection surface. Ingestion points:
eve job logs <job-id>(SKILL.md). Boundary markers: Absent. Capability inventory:eveCLI tool suite. Sanitization: Absent. The risk is mitigated by a hard rule prohibiting the agent from modifying harness, model, or permission policies without prior user approval, maintaining a safe human-in-the-loop workflow.
Audit Metadata