synapse
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a structured context injection system designed to manage and organize prompt rules. The architecture is modular and uses local files for rule storage and state management.
- [PROMPT_INJECTION]: The skill uses "Star-commands" (e.g.,
*brief,*dev,*review) that modify agent behavior via prompt injection. These are documented as user-triggered modes intended to optimize task performance and are not attempts to bypass safety filters or ignore instructions. - [COMMAND_EXECUTION]: The skill includes CRUD operations (
*synapse create,*synapse add, etc.) that perform file system operations to manage local domain configuration files and manifest entries. These actions are aligned with the skill's primary purpose of domain management. - [DATA_EXFILTRATION]: No network operations or patterns associated with data exfiltration were detected. The engine operates on local configuration files within the
.synapseand.aiox-coredirectories. - [CREDENTIALS_UNSAFE]: No hardcoded credentials, API keys, or unsafe secret management practices were identified in the analyzed files.
Audit Metadata