configuring-agent-brain
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill documents the use of 'agent-brain inject', a tool that allows the execution of arbitrary local scripts against the document index.
- [EXTERNAL_DOWNLOADS]: Instructions include downloading and running setup scripts for well-known utilities (uv and Ollama) from their official repositories.
- [PROMPT_INJECTION]: The system's document indexing capability creates an attack surface for indirect prompt injection.
  - Ingestion points: Files are ingested via the 'agent-brain index' command (SKILL.md).
  - Boundary markers: The setup guides do not provide instructions for implementing data delimiters or safety instructions to prevent the execution of malicious content within indexed files.
  - Capability inventory: The system enables script execution, local server hosting, and network-based LLM queries (SKILL.md).
  - Sanitization: No procedures for sanitizing or validating external document content are included in the configuration walkthrough.
Audit Metadata