review-monitor
Pass
Audited by Gen Agent Trust Hub on Jun 28, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script `scripts/review_monitor.py` to fetch data and generate visualization charts using the `matplotlib` and `Pillow` libraries.
- [EXTERNAL_DOWNLOADS]: The skill communicates with vendor-managed API endpoints at `NEXSCOPE_PROXY_BASE` to retrieve review data. These operations are part of the intended functionality and target known vendor infrastructure.
- [PROMPT_INJECTION]: The skill ingests untrusted third-party review text, creating a surface for indirect prompt injection.
  1. Ingestion points: Amazon review titles and body text are retrieved from the NexScope API in `scripts/review_monitor.py`.
  2. Boundary markers: No explicit markers are used to separate ingested content from system instructions in the final report.
  3. Capability inventory: The skill has file-write permissions for saving charts and network-access permissions for the API.
  4. Sanitization: Content is analyzed using keyword-based logic and truncated for snippets, reducing the risk of instructional content being interpreted as commands by the agent.
Audit Metadata