Skills
skills/aaaaqwq/claude-code-skills/ct-monitor/Gen Agent Trust Hub

ct-monitor

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes data from external sources such as Twitter (X) tweets, news feeds, and RSS via the api.ctmon.xyz API. These sources are considered untrusted and could contain hidden instructions designed to manipulate the agent's behavior (Indirect Prompt Injection).\n
  • Ingestion points: API endpoints like /tweets/feed and /info/feed documented in SKILL.md.\n
  • Boundary markers: Absent; no explicit delimiters or instructions to ignore embedded commands are used when processing the text.\n
  • Capability inventory: The skill uses curl for networking and jq for data processing, and can schedule tasks using the openclaw CLI.\n
  • Sanitization: No evidence of sanitization or filtering of external content before processing.\n- [COMMAND_EXECUTION]: The skill provides instructions for the agent to execute shell commands using curl, jq, and the openclaw CLI for scheduling tasks. These are used for the primary purpose of querying the API and managing automated jobs.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 10:15 PM