Skills
skills/joelhooks/joelclaw/agent-loop/Gen Agent Trust Hub

agent-loop

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes local CLI tools including joelclaw, bun, kubectl, and slog to manage infrastructure and monitor agent runs. It specifically utilizes codex with high-privilege flags (--sandbox danger-full-access, --ask-for-approval never) for autonomous code implementation.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it incorporates external project data into the agent's context.
  • Ingestion points: The skill reads prd.json and progress.txt from the project root directory.
  • Boundary markers: No specific delimiters or "ignore embedded instructions" warnings are documented for these inputs.
  • Capability inventory: The pipeline has the ability to execute sandboxed commands with full access, commit code to git, and trigger Kubernetes rollouts.
  • Sanitization: No sanitization or validation logic for the content of the PRD or progress files is mentioned.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 6, 2026, 11:26 AM