things-manager

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill does not exhibit any malicious patterns such as prompt injection, unauthorized data exfiltration, or remote code execution. It is focused on managing local Things 3 data via a specific MCP server.
  • [PROMPT_INJECTION]: The skill handles external data from Things 3, which could potentially contain malicious instructions (Indirect Prompt Injection). This risk is effectively addressed through the following measures:
    • Ingestion points: Data enters through tools like things_get-today as described in SKILL.md and references/workflows.md.
    • Boundary markers: The skill enforces a mandatory ## Preview section to delimit proposed changes.
    • Capability inventory: Write capabilities are limited to specific things_add and things_update tools.
    • Sanitization: Instructions require the agent to preserve user wording for task titles unless cleanup is explicitly requested.
  • [DATA_EXFILTRATION]: The skill includes extensive privacy guidelines in references/safety.md, directing the agent to minimize the exposure of sensitive personal data and avoid searching for secrets or credentials. No network exfiltration tools or patterns were identified.
Audit Metadata
Risk Level
SAFE
Analyzed
May 7, 2026, 04:59 AM