hackathon-milestone-monitor

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: No evidence of role-play, jailbreak attempts, or instructions to override system safety guidelines was found. The instructions focus strictly on calculating project velocity and status.
  • [DATA_EXFILTRATION]: The skill does not perform network operations (no curl, wget, or fetch calls). It does not access sensitive system paths such as credentials or SSH keys. It only references internal knowledge base and playbook directories.
  • [REMOTE_CODE_EXECUTION]: There are no patterns of downloading and executing remote scripts or installing unverifiable packages. The skill logic is entirely declarative.
  • [COMMAND_EXECUTION]: The skill does not utilize subprocesses, shell execution, or system-level commands to perform its monitoring tasks.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data in the form of task descriptions and milestone names. While this presents a theoretical attack surface for indirect injection, the skill lacks the capabilities (such as network access or file system modification) to act as a vector for privilege escalation or exfiltration. The risk is considered negligible given the skill's limited output-only nature.
  • [OBFUSCATION]: The content is provided in plain text. No Base64, hex encoding, or zero-width character obfuscation techniques were detected.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 11, 2026, 06:06 AM