day2-create-context-sync-skill
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches a list of available MCP servers from the official and well-known Model Context Protocol GitHub repository.
- [COMMAND_EXECUTION]: Installs workshop curriculum materials using npx from the vendor's own repository (ai-native-camp).
- [REMOTE_CODE_EXECUTION]: Guides the creation and execution of local Python scripts to fetch data from APIs (e.g., Gmail and Google Calendar). These operations are part of the intended educational functionality and target user-authorized endpoints.
- [DATA_EXFILTRATION]: The skill aggregates private data (Slack messages, emails, tasks) into a single local file or sends it to user-configured destinations (Notion/Slack). No unauthorized external data transmission was detected.
- [PROMPT_INJECTION]: Contains a 'STOP PROTOCOL' that serves as a pedagogical constraint to ensure the workshop proceeds in defined stages; this does not bypass agent safety filters or security protocols.
Audit Metadata