monitor
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates as a controlled wrapper around a system SDK ('deeting'). Its primary functionality—creating persistent monitoring tasks—is clearly defined in the metadata and implemented using the provided platform tools. There is no evidence of unauthorized persistence outside the stated objective.
- [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection through the
objectiveparameter in thesys_create_monitortool. This parameter allows the injection of natural language instructions that will be executed by an assistant at a later time. - Ingestion points:
objectiveandtitleparameters inmain.pyvia thesys_create_monitortool call. - Boundary markers: No explicit delimiters or instruction-ignore markers are used in the prompt construction logic within the skill.
- Capability inventory: The skill can invoke
monitor.createandmonitor.listvia thedeetingSDK, enabling the scheduling of future agent actions. - Sanitization: No sanitization or validation of the
objectivestring is performed before it is passed to the SDK.
Audit Metadata