proactive-agent
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill includes comprehensive defensive strategies against prompt injection. It explicitly instructs the agent to treat external content (emails, websites, PDFs) as data rather than instructions and provides patterns for detecting injection attempts.
- [INDIRECT_PROMPT_INJECTION]: The skill acknowledges and mitigates indirect prompt injection risks. It establishes a multi-layer defense strategy, including 'Instruction Isolation' and 'Content Classification' for untrusted data processed from external sources like websites or files.
- [COMMAND_EXECUTION]: The skill contains a local shell script (scripts/security-audit.sh) designed to help users audit their own environment for security risks, such as exposed credentials or incorrect file permissions. This is a utility script and does not execute remote or obfuscated code.
- [DATA_EXFILTRATION]: The skill contains strict rules against the exfiltration of private data. It includes a security audit script that scans for hardcoded secrets and enforces least-privilege principles for external communications.
- [DYNAMIC_EXECUTION]: The 'Self-Improvement' feature encourages the agent to update its own operational documents (AGENTS.md, SOUL.md) based on learned lessons. While this allows the agent to modify its future behavior, it is implemented with 'ADL/VFM' protocols (guardrails) designed to prevent drift and maintain stability.
Audit Metadata