zoe-heartbeat

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE | PROMPT_INJECTION | EXTERNAL_DOWNLOADS | DATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references the installation of the 'zenon-red/voize' skill using 'npx skills add'. This is a vendor-owned resource associated with the author 'zenon-red'.
  • [DATA_EXFILTRATION]: Transcripts generated from agent activity are sent to the vendor-hosted service at 'audio.zenon.red' to generate audio URLs for voice reports. This is documented functionality for the Zoe maintainer role.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core function of processing untrusted external data.
      • Ingestion points: The skill reads contributor messages and idea descriptions via 'probe message list' and 'probe idea list' (SKILL.md).
      • Boundary markers: No specific delimiters or 'ignore' instructions are used when interpolating this untrusted data into reports or coordination messages.
      • Capability inventory: The agent has the ability to send messages to public channels ('probe message send'), submit voice announcements to the dashboard ('probe agent voice'), and call external TTS tools.
      • Sanitization: There is no evidence of content validation or escaping for the data ingested from the Nexus state or messages.
Audit Metadata
Risk Level: SAFE
Analyzed: May 8, 2026, 01:49 PM