monitor

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill operates as a controlled wrapper around a system SDK ('deeting'). Its primary functionality—creating persistent monitoring tasks—is clearly defined in the metadata and implemented using the provided platform tools. There is no evidence of unauthorized persistence outside the stated objective.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection through the objective parameter in the sys_create_monitor tool. This parameter allows the injection of natural language instructions that will be executed by an assistant at a later time.
  • Ingestion points: objective and title parameters in main.py via the sys_create_monitor tool call.
  • Boundary markers: No explicit delimiters or instruction-ignore markers are used in the prompt construction logic within the skill.
  • Capability inventory: The skill can invoke monitor.create and monitor.list via the deeting SDK, enabling the scheduling of future agent actions.
  • Sanitization: No sanitization or validation of the objective string is performed before it is passed to the SDK.
Audit Metadata
Risk Level
SAFE
Analyzed
May 11, 2026, 02:06 AM