self-improvement
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The
extract-skill.shscript scaffolds new skill directories and files with strict regex validation on the skill name input, preventing path traversal. - [DATA_EXFILTRATION] (SAFE): The
error-detector.shscript reads tool output for local error detection without external network operations or data transmission. - [PROMPT_INJECTION] (SAFE): The skill uses hooks to inject hardcoded reminder strings into the session context, which does not involve processing or echoing untrusted data.
Audit Metadata