god-consensus
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill instructs the agent to execute several local shell scripts (e.g.,
council.sh,awakener.sh) using arguments provided by users or other agents. Direct interpolation of variables likeDESCRIPTIONandCOMMENTinto shell commands creates a command injection surface if the underlying scripts do not implement strict escaping.\n- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection via the decision-making data it processes.\n - Ingestion points: Arguments passed to
council.shand the content of.god/council/decisions/DECISION_ID.json.\n - Boundary markers: Absent (no delimiters or 'ignore' instructions are used for the interpolated data).\n
- Capability inventory: Invocation of shell scripts, system state observation, and file modification via
jq.\n - Sanitization: Absent (the documentation does not specify sanitization or validation of the input strings before they are processed by the shell or the agent).
Audit Metadata