twinmind-upgrade-migration
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses dynamic context injection (!) in SKILL.md to execute npm list and pip freeze. These commands are used to provide the agent with the current state of the development environment for auditing purposes.
- [PROMPT_INJECTION]: The import-config.ts script allows for the ingestion of external JSON files during configuration migration. This creates a surface for indirect prompt injection if an agent processes a malicious file.
  - Ingestion points: scripts/import-config.ts (reads from local JSON files).
  - Boundary markers: None present.
  - Capability inventory: scripts/import-config.ts (POST and PATCH requests to external APIs).
  - Sanitization: None present; uses standard JSON parsing.
Audit Metadata