eval-config
Audited by Socket on Feb 27, 2026
1 alert found:
Obfuscated File

The eval-config skill/specification is functionally coherent, but doing its job requires access to multiple local brand artifacts and to a local management script. The main security concerns are: (1) executing a local management script with user-supplied arguments (code-execution and supply-chain risk, since whatever reaches that script runs with the agent's privileges), (2) reading and presenting historical evaluation data (privacy and data-exposure risk), and (3) the potential for an over-privileged agent to make destructive configuration changes without strict confirmation, auditing, and least-privilege controls.

Recommended mitigations: code review plus integrity checks (signatures or pinned checksums, verified before every invocation) for scripts/eval-config-manager.py; passing arguments to it as an argv list rather than through a shell, with the accepted subcommands and argument shapes allowlisted; restricting file access and redacting the output of historical evaluations; requiring explicit user confirmation and detailed logging for any configuration change; running the management script in a constrained runtime (least privilege, sandbox); and adding release and supply-chain protections for any package that provides the script or the agent components.
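The following is an added example of the execution gate those mitigations describe; it is not code from Socket, from the eval-config skill, or from scripts/eval-config-manager.py. It verifies the script against a pinned SHA-256 manifest before every run, allowlists the subcommand and argument shapes, refuses mutating subcommands unless the caller passes explicit confirmation, writes an audit entry, and invokes the script as an argv list with a stripped environment (no shell). The subcommand names (list/show/set/delete/reset), the checksums.json manifest format, and the stand-in script that merely echoes its arguments are all assumptions made for the example, since the page does not document the real script's interface.

```python
import hashlib
import json
import logging
import os
import re
import subprocess
import sys
import tempfile
from pathlib import Path

logger = logging.getLogger("eval_config_gate")

# Assumed interface: the page does not document the real script's subcommands.
READ_ONLY = {"list", "show"}
MUTATING = {"set", "delete", "reset"}
# No whitespace, slashes or shell metacharacters; bounded length.
SAFE_ARG = re.compile(r"^[A-Za-z0-9_.=:-]{1,128}$")

AUDIT_LOG = []  # in-memory mirror of the audit trail so callers can inspect it


class GateError(Exception):
    """Raised whenever the script must not be executed."""


def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_integrity(script, manifest):
    """Refuse to run unless the script's digest matches the pinned one in the manifest."""
    pinned = json.loads(Path(manifest).read_text())
    expected = pinned.get(Path(script).name)
    if expected is None:
        raise GateError(f"{script}: no pinned checksum in manifest")
    actual = sha256_file(script)
    if actual != expected:
        raise GateError(f"{script}: checksum mismatch (expected {expected[:12]}..., got {actual[:12]}...)")
    return actual


def validate_args(args):
    """Allowlist the subcommand and argument shapes; return True if the call mutates config."""
    if not args or args[0] not in READ_ONLY | MUTATING:
        raise GateError(f"subcommand not allowlisted: {args[:1]}")
    for a in args[1:]:
        if not SAFE_ARG.match(a) or ".." in a:
            raise GateError(f"argument rejected: {a!r}")
    return args[0] in MUTATING


def run_managed(script, manifest, args, confirm=False, timeout=30):
    """Checksum-verify, allowlist, confirm, log, then run the script as an argv list (no shell)."""
    digest = verify_integrity(script, manifest)
    mutating = validate_args(args)
    if mutating and not confirm:
        raise GateError(f"'{args[0]}' changes configuration; explicit confirmation required")
    entry = {"script": str(script), "sha256": digest, "args": list(args), "confirmed": confirm}
    AUDIT_LOG.append(entry)
    logger.info("exec %s", entry)
    env = {"PATH": os.environ.get("PATH", ""), "LANG": "C"}  # drop inherited secrets
    proc = subprocess.run([sys.executable, str(script), *args], capture_output=True,
                          text=True, timeout=timeout, env=env, cwd=Path(script).parent)
    entry["returncode"] = proc.returncode
    return proc.returncode, proc.stdout


def make_fixture():
    """Constructed stand-in for scripts/eval-config-manager.py plus a manifest pinning its hash."""
    root = Path(tempfile.mkdtemp())
    script = root / "eval-config-manager.py"
    script.write_text("import sys\nprint(' '.join(sys.argv[1:]))\n")  # echoes its arguments
    manifest = root / "checksums.json"
    manifest.write_text(json.dumps({script.name: sha256_file(script)}))
    return script, manifest


if __name__ == "__main__":
    s, m = make_fixture()
    print(run_managed(s, m, ["show", "brand=acme"]))
    try:
        run_managed(s, m, ["delete", "brand=acme"])
    except GateError as e:
        print("refused:", e)
```

In a real deployment the manifest would be signed (or the digest pinned in the skill's own release metadata) so that an attacker who can rewrite the script cannot also rewrite the expected hash; the gate above shows only the verify-then-execute ordering and the confirmation and logging path.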