loop-nanny
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes several system and development commands.
- Manages macOS services using
launchctl kickstartto restart the 'system-bus-worker' service. - Performs file system cleanup using
rmto delete agent-generated test files in the__tests__/directory. - Uses Git commands (
git commit,git worktree remove,git branch -D) for repository maintenance. - Runs the
joelclawCLI tool (a vendor resource from 'joelhooks') for status monitoring and diagnosis. - [DATA_EXPOSURE]: The skill reads logs and execution output files from the
/tmp/agent-loop/directory. This is used to triage failures and monitor the progress of automated stories. - [INDIRECT_PROMPT_INJECTION]: The skill processes output from external files which are generated by other agent runs, creating a potential surface for indirect instruction injection.
- Ingestion points: Reads log data from
/tmp/agent-loop/<LOOP_ID>/<STORY_ID>-<ATTEMPT>.out. - Boundary markers: Absent; the instructions direct the agent to read the tail of the files without specifying delimiters or safety warnings for the content.
- Capability inventory: Includes file deletion (
rm), service management (launchctl), and repository modification (git). - Sanitization: No sanitization or validation of the log content is described before the agent is expected to act on the information.
Audit Metadata