agent-scout-explorer
Warn
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: MEDIUMDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill performs deep reconnaissance of the local environment by mapping directory structures such as 'src/', 'tests/', and 'docs/' and identifying key configuration files like 'package.json'.
- [DATA_EXFILTRATION]: It is instructed to capture and report sensitive system-level metrics, including CPU availability, memory usage, disk space, and network status, to an externalized 'coordination' memory namespace.
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface as it is designed to read and report findings from untrusted local files.
- Ingestion points: Reads content from files within the 'src/', 'tests/', and 'docs/' directories.
- Boundary markers: No delimiters or protective instructions are provided to prevent the agent from being influenced by malicious content found within the scanned files.
- Capability inventory: The agent possesses the ability to read arbitrary files from the filesystem and write structured data to a shared memory tool.
- Sanitization: No validation or sanitization of discovered content is performed before the data is stored in the memory system.
Audit Metadata