agent-updater
Warn
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [PROMPT_INJECTION]: Includes a 'Security Review Gate' to scan external research for injection attacks and malicious tool calls.
  - Evidence: SKILL.md implements a multi-point scan for 'ignore previous' and other injection patterns.
- [PROMPT_INJECTION]: Mandates the injection of standardized prompt sections into other agents, which is its core function.
  - Evidence: SKILL.md includes instructions for the 'CRITICAL PROTOCOL INJECTION RULE'.
- [EXTERNAL_DOWNLOADS]: Conducts mandatory research using the Exa search tool to find multi-agent orchestration best practices.
  - Evidence: SKILL.md specifies the usage of mcp__Exa__web_search_exa.
- [COMMAND_EXECUTION]: Executes local Node.js scripts for agent registry management and validation.
  - Evidence: scripts/main.cjs uses spawnSync to run local CLI tools within the .claude directory.
- [COMMAND_EXECUTION]: Dynamically modifies local JavaScript configuration data by appending strings derived from agent names.
  - Evidence: scripts/main.cjs function updateRoutingTableKeywords reads and writes to .claude/lib/routing/routing-table-intent-keywords-data.cjs.
Audit Metadata