autonomous-loop

Warn

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill is designed to perform autonomous development cycles which include implementing code and running tests via the Bash tool. This involves generating and executing scripts at runtime based on task requirements.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes data from external files such as specs/*.md and existing source code. These files could contain hidden instructions that attempt to manipulate the agent's behavior during the autonomous loop.
    • Ingestion points: Reads from specs/*.md, IMPLEMENTATION_PLAN.md, and project source files in src/*.
    • Boundary markers: Absent. The skill does not define specific delimiters or instructions to ignore embedded commands within the processed files.
    • Capability inventory: Includes the Agent tool for subagent delegation (up to 500 parallel instances), the Bash tool for command execution, file system write access, and version control (git) operations.
    • Sanitization: Absent. There is no mention of validating or sanitizing the content of specification files or source code before processing them.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Apr 2, 2026, 12:42 AM