archon
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to execute a local Python script using `subprocess.run(['python3', 'scripts/list_knowledge.py', archon_host])` to verify API connectivity and retrieve server metadata.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it processes untrusted data from the Archon API.
  * Ingestion points: The agent ingests data through search results, document content, and task descriptions retrieved from the user-specified Archon host.
  * Boundary markers: There are no explicit delimiters or instructions provided to prevent the agent from following malicious commands embedded within the retrieved data.
  * Capability inventory: The skill possesses capabilities for network operations via the `requests` library, file system reading for document uploads, and command execution via `subprocess`.
  * Sanitization: There is no evidence of sanitization or structural validation performed on the API responses before they are incorporated into the agent's reasoning context.
Audit Metadata