critique
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
PROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): The skill uses authoritative directives to govern agent reasoning (e.g., 'No hedging', 'Complete Φ2a... before Φ2b') but does not contain instructions to bypass AI safety filters or disregard system rules.
- [Indirect Prompt Injection] (LOW): The skill processes untrusted external content, creating a vulnerability surface.
  1. Ingestion points: User input in /critique [query] and external web search data referenced in Phase 2a (commands/critique.md).
  2. Boundary markers: Absent; external data is interpolated directly into the dialectical reasoning phases.
  3. Capability inventory: Limited to agent reasoning, internal synthesis, and long-term memory updates; no command execution or unauthorized file access detected.
  4. Sanitization: No input validation or filtering is performed on the query or search results.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or unauthorized network communication patterns were identified.
- [Remote Code Execution] (SAFE): No external package dependencies or remote script downloads were found in the skill files.
Audit Metadata