agent-development

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill uses and recommends specific steering phrases in agent descriptions and metadata (plugin.json), such as 'MUST BE USED' and 'Use PROACTIVELY'. These are designed to override or forcefully influence the default task delegation logic of the AI system.
  • [COMMAND_EXECUTION]: The skill provides instructions in README.md and rules/agent-memory-limits.md to modify shell startup files (e.g., ~/.bashrc) to set NODE_OPTIONS for memory heap increases. While intended for performance optimization, modifying shell profiles is a persistence mechanism that affects the user's environment across sessions.
  • [COMMAND_EXECUTION]: The skill advises users in rules/custom-agent-instructions.md to add a broad list of Bash commands to an allowlist in .claude/settings.json. This includes commands like Bash(cat *), Bash(mv *), and WebFetch(domain:*), which reduces the security sandbox by permitting these operations without explicit user approval for each instance.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 02:22 AM