ecomode
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW / SAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill instructs the agent to read an external documentation file to determine how to route tasks to subagents, creating a surface where malicious content in that file could influence agent behavior.
  - Ingestion points: File read operation on `docs/shared/agent-tiers.md` defined in `SKILL.md`.
  - Boundary markers: Absent; the agent is simply told to read the file before acting.
  - Capability inventory: Internal influence on agent reasoning and task delegation (e.g., spawning `oh-my-claudecode` subagents). No direct file-write or network capabilities are defined in this skill file.
  - Sanitization: Absent.
- Data Exposure (INFO): The skill references the user's home directory configuration (`~/.claude/.omc-config.json`). This is identified as a reference to a sensitive path, but in this context, it is instructional for user configuration rather than an attempt to exfiltrate data.
Audit Metadata