Darwin
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes system shell commands to gather project metadata and activity signals.
- Evidence: references/signal-collection.md defines commands such as 'git log', 'git shortlog', and 'find . -type f' for lifecycle detection and health assessment.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing untrusted data sources.
- Ingestion points: Agent journals ('.agents/*.md') and project logs ('.agents/PROJECT.md') are read to extract patterns and insights in 'references/subsystems.md'.
- Boundary markers: The skill does not explicitly define delimiters or 'ignore' instructions for the content of processed journals.
- Capability inventory: The skill has the ability to execute shell commands ('git', 'find') and modify ecosystem configuration files like '.agents/ECOSYSTEM.md'.
- Sanitization: No explicit sanitization or validation of the journal content is described before it is used for pattern synthesis or score calculation.
Audit Metadata