proactive-agent
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
Tags: COMMAND_EXECUTION, PROMPT_INJECTION, NO_CODE
Full Analysis
- [Dynamic Execution] (MEDIUM): The skill is designed to 'upgrade skills' and 'learn new capabilities' at runtime. This involves dynamic code generation or loading, which is a security risk as the learning process could be influenced by untrusted data.
- [Command Execution] (LOW): The documentation references shell scripts (./scripts/upgrade, ./scripts/learn) for core functionality. These scripts were not provided, preventing a full security audit.
- [Indirect Prompt Injection] (LOW): (1) Ingestion points: Task descriptions and format specifications provided to the agent. (2) Boundary markers: None identified in documentation. (3) Capability inventory: Skill modification and shell script execution. (4) Sanitization: Absent; the 'adaptation' and 'learning' processes imply direct influence on agent logic and behavior.
Audit Metadata