watch-and-act
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or unauthorized behaviors were detected. The skill's behavior is consistent with its stated purpose of monitoring external signals.
- [PROMPT_INJECTION]: The skill processes data from untrusted external sources (e.g., CI/CD status, endpoint health), which creates an indirect injection surface inherent to its function.
- Ingestion points: Output from Bash commands like
ghorcurlused to query external services. - Boundary markers: The skill does not explicitly define delimiters to separate external data from agent instructions, relying instead on high-level classification logic.
- Capability inventory: Uses
Bashfor state checks and theAgenttool to trigger subsequent actions. - Sanitization: No explicit sanitization or validation of the external signal data is described, as the agent is instructed to read the raw state directly.
Audit Metadata