monte-carlo-push-ingestion

Pass

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [SAFE]: The skill correctly instructs the agent to use environment variables (MCD_INGEST_ID, MCD_INGEST_TOKEN) for credential management rather than hardcoding sensitive tokens directly in scripts.
  • [SAFE]: The skill uses the official pycarlo SDK to perform its intended functions, which is the standard library for interacting with the Monte Carlo platform.
  • [EXTERNAL_DOWNLOADS]: The skill's metadata and repository URL point to a third-party repository (github.com/sickn33/antigravity-awesome-skills) that is not associated with the primary vendor or a known trusted organization.
  • [PROMPT_INJECTION]: The skill instructions require the agent to read and adapt code templates from the local file system (scripts/templates/), which creates a surface for indirect prompt injection if the environment allows for untrusted content in those directories.
  • Ingestion points: Local file system access via glob patterns (e.g., **/push-ingestion/scripts/templates/<warehouse>/*.py).
  • Boundary markers: There are no explicit instructions or delimiters used to separate the content of the templates from the agent's core instructions.
  • Capability inventory: The agent possesses the capability to generate and suggest Python code that performs network operations and processes database metadata.
  • Sanitization: No sanitization or validation of the template content is described before the agent incorporates it into its generated output.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 21, 2026, 02:14 AM
Security Audit — agent-trust-hub — monte-carlo-push-ingestion