activity-monitor
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches real-time market activity (merges, splits, and redemptions) from the DOME API at
api.domeapi.io. This external communication is the primary function of the skill and follows standard API usage patterns. - [PROMPT_INJECTION]: The skill handles untrusted user-generated content (such as transaction titles and market slugs) from Polymarket, which constitutes an indirect prompt injection surface. The author has implemented proactive defenses to mitigate this risk.
- Ingestion points: External data enters the skill via the
fetchActivityandfetchAllActivityfunctions inscripts/activityMonitor.js. - Boundary markers: While explicit prompt delimiters are not provided in the script logic, the data is isolated within structured objects before analysis.
- Capability inventory: Analysis of the skill's scripts confirms that its capabilities are limited to data parsing, statistical clustering, and pattern detection; it contains no functions for arbitrary command execution, file system modification, or unauthorized data exfiltration.
- Sanitization: The skill utilizes a comprehensive security module (
scripts/security.js) that performs regex-based filtering of common injection patterns (e.g., 'ignore previous instructions') and validates the ratio of special characters to identify potential obfuscation attempts.
Audit Metadata