skill-evolution

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local shell scripts (evolution-engine.sh and version-manager.sh) located within the project's hidden directory (.claude/scripts/) to generate reports, analyze patterns, and manage version snapshots.
  • [PROMPT_INJECTION]: Identifies a surface for indirect prompt injection by monitoring user edits to other skills. Malicious instructions embedded in user edits could be incorrectly classified as improvements and suggested for inclusion in skill templates. This risk is addressed through an evidence chain:
    • Ingestion points: Raw edit data is read from .claude/feedback/edit-patterns.jsonl.
    • Boundary markers: No explicit delimiters or boundary warnings are present in the ingested data files.
    • Capability inventory: The skill has the authority to use Write and Edit tools and execute local shell scripts.
    • Sanitization: The system uses regex pattern matching for categorization and mandates human verification via AskUserQuestion before applying any suggestions to the filesystem.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 25, 2026, 03:09 PM