modify-self

Fail

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill's metadata explicitly states its purpose is to modify 'operating system files' and 'cron jobs'. Modification of cron jobs is a primary technique for establishing persistence on a host system. Modifying system files implies the agent may operate with elevated privileges, which can be used to compromise the integrity of the underlying environment.
  • [PROMPT_INJECTION]: The description identifies 'personality' and 'skills' as targets for modification. This capability allows the agent to overwrite its own instructions, potentially leading to the removal of safety guardrails, ethical constraints, or developer-defined limitations through self-modification.
  • [COMMAND_EXECUTION]: The skill enables the modification of the 'agent's own code', which constitutes a dynamic code execution risk where the agent can programmatically change its logic and behavior in ways that are difficult to monitor or restrict.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 8, 2026, 07:41 AM