bampenpien
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands such as
ls,mkdir, andreadlinkto organize session history and manage log files within the local workspace memory directory (ψ/).- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests user-provided conversation text which is stored and later retrieved for the history and sharing features. - Ingestion points: User conversation input and session log files stored in
ψ/memory/resonance/practice/. - Boundary markers: Markdown headers (e.g.,
## The Hard Thing) are used within the log files to separate data fields. - Capability inventory: Includes local file listing (
ls), directory management (mkdir), and calls to an internal platform learning function (arra_learn). - Sanitization: No explicit sanitization or escaping of the user-provided content was identified before it is displayed or processed.
Audit Metadata