sensei
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill framework defines sub-agent roles, such as the "Scribe," with explicit instructions to remain "silent" and "invisible" to the user. In the context of the Squad multi-agent orchestration framework, these directives function as architectural constraints for background logging processes rather than malicious action concealment.
- [COMMAND_EXECUTION]: The skill instructions and supporting scripts (e.g., scripts/src/tokens/commands/compare.ts) utilize shell commands including git show, git ls-tree, and npm test. These operations are necessary for the skill's primary purpose of auditing skill metadata and verifying changes through testing.
- [EXTERNAL_DOWNLOADS]: The documentation and skill body instruct the agent to clone repositories from GitHub and install dependencies via npm. These are standard procedures for initializing the compliance auditing environment and managing the skill's TypeScript-based token management tools.
Audit Metadata