monitor-tool
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill describes workflows where the agent monitors external sources like logs, CI outputs, and server tracebacks to automate responses or code fixes. This configuration is susceptible to indirect prompt injection if an attacker can control the content of these external streams to influence the agent's behavior. * Ingestion points: External log files, CI output, and background process streams. * Boundary markers: There are no instructions for the agent to use delimiters or specific safety warnings when processing monitored data. * Capability inventory: The agent utilizes
Bash,Write, andReadtools to execute code and modify files based on events. * Sanitization: The skill does not describe any sanitization or validation of the monitored input before the agent acts upon it. - [COMMAND_EXECUTION]: The skill uses the
Bashtool to perform background monitoring, start development servers, and execute patches or fixes based on event triggers.
Audit Metadata