momentum-planner
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill identifies an indirect prompt injection surface but mitigates it with clear instructions. \n
- Ingestion points: Analytics exports (~~web analytics), user roadmaps, and community telemetry (HN/GDELT).\n
- Boundary markers: Not explicitly used, but the logic relies on structured data interpretation.\n
- Capability inventory: Limited to file writes within the memory/ directory and network reads via defined connectors; no arbitrary code execution capabilities are present.\n
- Sanitization: Specifically instructs the agent to treat external data as untrusted and ignore any embedded commands, adhering to security best practices.\n- [COMMAND_EXECUTION]: Network operations are performed via local repository scripts (scripts/connectors/hn.py and scripts/connectors/gdelt.py). These are standard data retrieval tools and do not represent a security risk.\n- [DATA_EXFILTRATION]: The skill manages data locally, reading from provided exports and writing to internal memory paths. No evidence of unauthorized data transmission or credential harvesting was found.
Audit Metadata