Oathe Security Badge

Is peterskoett/self-improving-agent safe?

https://github.com/peterskoett/self-improving-agent

Overall score: 92 · Verdict: SAFE

This appears to be a legitimate self-improvement skill for logging learnings, errors, and corrections during development. The skill creates markdown files for tracking development insights and includes utility scripts for skill extraction and hook integration. While it contains executable scripts and extensive instructions, the functionality appears benign and focused on development productivity.

Category Scores

Category · Score · Weight
Prompt Injection · 95/100 · 30%
Data Exfiltration · 90/100 · 25%
Code Execution · 85/100 · 20%
Clone Behavior · 95/100 · 10%
Canary Integrity · 100/100 · 10%
Behavioral Reasoning · 90/100 · 5%

Findings (3)

LOW · Executable Shell Scripts Present · -10

The skill contains several shell scripts (extract-skill.sh, activator.sh, error-detector.sh) that could be executed. While they appear to serve legitimate purposes for the skill's functionality, they represent potential code execution vectors.

LOW · Extensive Instructional Content · -5

The SKILL.md contains very extensive instructions and documentation that could potentially influence agent behavior in subtle ways. While the content appears legitimate, the sheer volume of instructions creates some risk.

INFO · Canary File Access During Monitoring · -5

Monitoring detected access to canary files (.env, .ssh/id_rsa, .aws/credentials, etc.), but this appears to be from the monitoring system itself rather than the skill attempting exfiltration.