multica-autopilots

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the multica command-line utility for managing autopilot lifecycle, including creation, updates, and triggering. The tool usage is constrained to the multica binary as defined in the allowed-tools frontmatter.
  • [DATA_EXFILTRATION]: Contains explicit instructions for the agent to redact webhook tokens and signing material, preventing accidental exposure of secrets in logs, comments, or documentation.
  • [PROMPT_INJECTION]: The skill manages the creation of autopilot tasks that incorporate user-provided descriptions. This represents an indirect prompt injection surface for the agents that eventually execute these tasks, although the management interface itself does not contain injection patterns.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 11:46 PM
Security Audit — agent-trust-hub — multica-autopilots