monte-carlo-push-ingestion
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill correctly instructs the agent to use environment variables (
MCD_INGEST_ID,MCD_INGEST_TOKEN) for credential management rather than hardcoding sensitive tokens directly in scripts. - [SAFE]: The skill uses the official
pycarloSDK to perform its intended functions, which is the standard library for interacting with the Monte Carlo platform. - [EXTERNAL_DOWNLOADS]: The skill's metadata and repository URL point to a third-party repository (
github.com/sickn33/antigravity-awesome-skills) that is not associated with the primary vendor or a known trusted organization. - [PROMPT_INJECTION]: The skill instructions require the agent to read and adapt code templates from the local file system (
scripts/templates/), which creates a surface for indirect prompt injection if the environment allows for untrusted content in those directories. - Ingestion points: Local file system access via glob patterns (e.g.,
**/push-ingestion/scripts/templates/<warehouse>/*.py). - Boundary markers: There are no explicit instructions or delimiters used to separate the content of the templates from the agent's core instructions.
- Capability inventory: The agent possesses the capability to generate and suggest Python code that performs network operations and processes database metadata.
- Sanitization: No sanitization or validation of the template content is described before the agent incorporates it into its generated output.
Audit Metadata