self-improving-agent

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: (Data Exposure) The 'observe.sh' script logs all tool inputs and outputs to local files in the homunculus directory. This creates a local repository of session history that could contain sensitive information if such data is handled by tools during the session.
  • [COMMAND_EXECUTION]: The skill utilizes local shell scripts such as 'observe.sh', 'activator.sh', and 'error-detector.sh' as hooks in the agent configuration to automate observation and feedback. It also provides a utility for generating new skill scaffolds.
  • [PROMPT_INJECTION]: (Indirect) The system processes 'instincts' and 'learnings' stored in YAML and Markdown files to influence agent behavior in future sessions.
      • Ingestion points: Learning entries in '.learnings/' and instinct YAML files.
      • Boundary markers: Absent.
      • Capability inventory: Tool use monitoring, context injection, and file creation.
      • Sanitization: Absent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 02:29 PM