launch-monitor
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes data from external APIs and user-provided pastes which could contain malicious instructions.
- Ingestion points: External telemetry from connectors (Hacker News, Product Hunt, App Store, GDELT) and user-pasted content in SKILL.md.
- Boundary markers: Includes a clear instruction for the agent to treat all API responses and pasted content as untrusted input and to ignore any embedded instructions.
- Capability inventory: Utilizes the
WebFetchtool and performs read/write operations on local files within thememory/directory. - Sanitization: Explicitly warns against following instructions found in scraped or external content, maintaining a security boundary.
- [EXTERNAL_DOWNLOADS]: The skill uses the
WebFetchtool and specialized connectors to retrieve launch telemetry from well-known services including Hacker News (via Algolia/Firebase), Product Hunt, and GDELT. - [DATA_EXFILTRATION]: The skill interacts with local data stored in the
memory/directory, such asmemory/launch-registry/andmemory/hot-cache.md. While it reads these files, there is no evidence of unauthorized exfiltration to external domains beyond the intended monitoring APIs.
Audit Metadata