Official skill · agentic systems
Agentic System Auditor
Audits tool permissions, prompt injection surfaces, human-in-the-loop gates, and sandbox boundaries for AI agent features.
agents · security · tools · sandbox
Feedback flywheel: Active on run (No attributed runs yet)
False-positive rate: 12%
Leaderboard: Eligible for ranking
Critique links active marketplace skills to each review run, rolls accepted and false-positive feedback into the skill rate, then promotes skills with enough labels into the leaderboard.
SKILL.md preview
# Agentic System Auditor
Use when reviewing features that let LLMs call tools, run code, browse the web, or mutate production systems.
## Threat model focus
- Tool allowlists vs open-ended shell access
- Secret exfiltration via indirect prompt injection
- Missing approval steps before irreversible actions
- Cross-session memory leaks between tenants
- Unbounded spend (token, API, compute) without caps
## Required artifact
Each serious finding must describe the attacker path, the blast radius, and whether the mitigation is architectural or prompt-level.
Version history
v1.0.0
Official marketplace launch
6/3/2026