wc-captain-ladder
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXPOSURE]: The skill defines a workflow that ingests external data from user-provided URLs (match schedules and predicted lineups). This constitutes an indirect prompt injection surface where untrusted data enters the agent context.
- Ingestion points: Data is read from external URLs specified in the
source_urlsfield of thecaptain-laddersignal (SKILL.md). - Boundary markers: The instructions do not specify the use of delimiters or warnings to ignore embedded instructions within the ingested data.
- Capability inventory: The skill contains no dangerous capabilities such as subprocess execution,
eval()/exec()calls, file-system writes, or network exfiltration logic. Its function is limited to calculating game values and returning a YAML signal. - Sanitization: No explicit sanitization or validation of the external content is described.
- [EXTERNAL_DOWNLOADS]: The skill's output schema includes placeholders for external URLs to document the source of kickoff schedules and predicted lineups. These references are essential for the primary functionality of the skill and do not point to known malicious domains.
Audit Metadata