canary-watch
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access detected.
- [NO_CODE]: The skill consists exclusively of markdown instructions and does not include any executable scripts or binary files.
- [PROMPT_INJECTION]: The skill processes untrusted content from external URLs, which is a potential surface for indirect prompt injection.
- Ingestion points: External URLs provided to the agent for monitoring (SKILL.md).
- Boundary markers: None; the instructions do not define delimiters for external data.
- Capability inventory: Browser tools (implicit) and file system writes to a log file (~/.claude/canary-watch.log).
- Sanitization: No content sanitization or validation rules are specified.
Audit Metadata