momentum-planner

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill identifies an indirect prompt injection surface but mitigates it with clear instructions. \n
  • Ingestion points: Analytics exports (~~web analytics), user roadmaps, and community telemetry (HN/GDELT).\n
  • Boundary markers: Not explicitly used, but the logic relies on structured data interpretation.\n
  • Capability inventory: Limited to file writes within the memory/ directory and network reads via defined connectors; no arbitrary code execution capabilities are present.\n
  • Sanitization: Specifically instructs the agent to treat external data as untrusted and ignore any embedded commands, adhering to security best practices.\n- [COMMAND_EXECUTION]: Network operations are performed via local repository scripts (scripts/connectors/hn.py and scripts/connectors/gdelt.py). These are standard data retrieval tools and do not represent a security risk.\n- [DATA_EXFILTRATION]: The skill manages data locally, reading from provided exports and writing to internal memory paths. No evidence of unauthorized data transmission or credential harvesting was found.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 09:34 AM
Security Audit — agent-trust-hub — momentum-planner