awaken
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The skill downloads and executes an installation script for the Bun runtime from bun.sh, which is a well-known technology service.
- [EXTERNAL_DOWNLOADS]: Installs the 'oracle-skills-cli' package directly from the author's GitHub repository (Soul-Brews-Studio/oracle-skills-cli) to provide the agent with required tools.
- [COMMAND_EXECUTION]: Creates a local settings file ('.claude/settings.local.json') that pre-authorizes a list of shell commands and internal skills, bypassing interactive permission prompts for the agent.
- [EXTERNAL_DOWNLOADS]: Automates the cloning of external repositories and the retrieval of GitHub issue data from the vendor's organization to provide reference context for the identity formation ritual.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it is designed to ingest and process data from external repositories and GitHub issues. * Ingestion points: Content is retrieved via 'gh issue view', '/learn', and '/trace' commands (SKILL.md). * Boundary markers: No explicit delimiters or 'ignore' instructions are used for the external data. * Capability inventory: The agent has permissions to write files (mkdir, cat) and execute shell commands (git, gh, bun, etc.) (SKILL.md). * Sanitization: No explicit sanitization or filtering of the external repository content is implemented.
Audit Metadata