soul-guardian
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a legitimate security utility designed for workspace integrity monitoring. It implements several security best practices, such as refusing to operate on symlinks and using atomic file writes to prevent race conditions or partial updates.
- [COMMAND_EXECUTION]: The `install_launchd_plist.py` script uses `subprocess.run` to interact with the macOS `launchctl` utility. This is a documented feature for scheduling periodic integrity checks and is not used for malicious purposes. The execution is limited to specific system commands with hardcoded paths.
- [DATA_EXFILTRATION]: No network operations or external data exfiltration patterns were found. The tool operates strictly on the local filesystem. While it creates snapshots and logs of workspace files, the documentation explicitly recommends storing the state directory outside the workspace to improve resilience.
- [PROMPT_INJECTION]: No evidence of prompt injection or attempts to override agent behavior was found. The instructions provided to the agent in the documentation are designed to help it relay security alerts to the user.
- [REMOTE_CODE_EXECUTION]: The skill does not download or execute remote code. It is dependency-free and relies solely on the Python standard library, minimizing the risk of supply chain attacks.
Audit Metadata