modify-self

Fail

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: HIGH
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill metadata explicitly describes capabilities to modify 'operating system files' and 'cron jobs'. These actions are characteristic of privilege escalation and persistence mechanisms, allowing for permanent and potentially unauthorized changes to the host environment.
  • [REMOTE_CODE_EXECUTION]: The skill is intended for 'modifying the agent's own code' and 'skills'. This self-modification capability allows the agent to alter its logic and behavior dynamically, creating a risk where arbitrary or malicious code can be persisted and executed in future interactions.
  • [COMMAND_EXECUTION]: The skill provides a mechanism to read local system-level documentation (e.g., /job/CLAUDE.md) as a prerequisite for making system-wide modifications.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 1, 2026, 05:11 AM