synapse-reinst
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
- PROMPT_INJECTION (LOW): The skill instructs the agent to re-adopt identity and protocol instructions from its output, effectively performing a self-directed prompt injection for recovery purposes. Because it uses local, expected configuration data, the risk is minimal.
- DATA_EXFILTRATION (LOW): The script reads local registry and configuration files (e.g., ~/.a2a/registry/ and .synapse/settings.json) to retrieve agent IDs and roles. This data is exposed to the LLM context to rebuild its prompt. No exfiltration to external networks or access to sensitive credentials like API keys or SSH keys was found.
- COMMAND_EXECUTION (SAFE): The skill runs a local Python script included in its directory to perform configuration lookups. No remote code execution, piped shell commands, or unauthorized command injection patterns were detected.
Audit Metadata