watch-and-act

Pass

Audited by Gen Agent Trust Hub on Jul 6, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or unauthorized behaviors were detected. The skill's behavior is consistent with its stated purpose of monitoring external signals.
  • [PROMPT_INJECTION]: The skill processes data from untrusted external sources (e.g., CI/CD status, endpoint health), which creates an indirect injection surface inherent to its function.
  • Ingestion points: Output from Bash commands like gh or curl used to query external services.
  • Boundary markers: The skill does not explicitly define delimiters to separate external data from agent instructions, relying instead on high-level classification logic.
  • Capability inventory: Uses Bash for state checks and the Agent tool to trigger subsequent actions.
  • Sanitization: No explicit sanitization or validation of the external signal data is described, as the agent is instructed to read the raw state directly.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 6, 2026, 09:16 AM
Security Audit — agent-trust-hub — watch-and-act