signals-scout-csp-violations
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill implements a legitimate monitoring workflow using platform-provided MCP tools for data analysis. No hardcoded credentials, malicious downloads, or unauthorized network exfiltration were found.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface due to processing untrusted CSP report data. Ingestion points: $csp_violation event properties (SKILL.md). Boundary markers: None explicitly defined for data interpolation. Capability inventory: execute-sql, signals-scout-emit-signal, and signals-scout-scratchpad-remember (SKILL.md). Sanitization: Use of standard SQL JSON extraction and domain isolation functions.
Audit Metadata