stabilization-loop
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands for compilation, starting and stopping servers, and running test suites. This involves executing code that may have been modified by the agent during the loop.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). The agent analyzes potentially untrusted data from server logs, crash reports, and test results to decide how to fix the project. Without sanitization or boundary markers, malicious content in these logs could manipulate the agent into performing unintended actions or code modifications. Evidence chain:
  1. Ingestion points: Server logs, crash reports, and test failure output (SKILL.md).
  2. Boundary markers: Absent.
  3. Capability inventory: Git operations, file modification, and command execution for builds/tests (SKILL.md).
  4. Sanitization: Absent.
Audit Metadata