evo-archiving
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes repository inspection commands. Evidence: The skill runs
git statusandgit diff --statto identify modified files and the scope of implementation changes. - [PROMPT_INJECTION]: Vulnerable to indirect prompt injection through repository content processing. 1. Ingestion points: Reads implementation plans,
docs/architecture.md,docs/ledger.jsonl, andgit diffoutput. 2. Boundary markers: No explicit delimiters or instructions are provided to the agent to disregard instructions found within the ingested files. 3. Capability inventory: Can read/write files in the localdocs/directory and execute git CLI tools; no network or arbitrary code execution capabilities were detected. 4. Sanitization: Content from files is summarized and archived without sanitization, though a human-in-the-loop confirmation step is required before writing changes.
Audit Metadata