agent-updater
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local system commands and scripts to maintain the agent ecosystem. Specifically, `scripts/main.cjs` uses `node:child_process.spawnSync` to run registry generation scripts, and the `SKILL.md` workflow includes instructions for running `npm run gen:all-registries` to ensure consistency across the agent tool and skill indexes.
- [EXTERNAL_DOWNLOADS]: The skill performs mandatory research by fetching data from external sources like arXiv using `WebSearch` and `WebFetch`. To mitigate the risk of processing untrusted content, it implements a comprehensive Security Review Gate that scans for excessive size, binary data, unauthorized tool patterns, prompt injections, and potential data exfiltration before the content is integrated into the agent definitions.
- [PROMPT_INJECTION]: While the skill includes automated detection for malicious prompt injection in external data, it also features a mandated protocol injection rule. This functionality is designed to programmatically inject standardized search and memory instructions into target agents to ensure they adhere to the framework operational standards.
- [DYNAMIC_EXECUTION]: The utility script `scripts/main.cjs` contains logic in `updateRoutingTableKeywords` to programmatically modify an existing JavaScript file (`.claude/lib/routing/routing-table-intent-keywords.cjs`). It identifies insertion points within the code and injects new entries into the exported routing table to facilitate dynamic capability updates.
Audit Metadata