deployment
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE PROMPT_INJECTION EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through its logging implementation.
  - Ingestion points: `references/monitoring.md` demonstrates logging of `args.name` and `error.message` from tool calls and runtime errors.
  - Boundary markers: The implementation does not use explicit boundary markers to isolate these untrusted inputs within the logs.
  - Capability inventory: Logs are written to `stderr` or local log files as configured in the `LOG_DESTINATION` and `LOG_FILE` environment variables defined in `SKILL.md`.
  - Sanitization: There is no evidence of sanitization or escaping of external data before it is recorded in the structured logs.
- [EXTERNAL_DOWNLOADS]: The skill involves standard package management and connections to external service providers.
  - Downloads Node.js packages using `bun install` during the Docker build process in `assets/Dockerfile`.
  - Utilizes external Nostr relays for communication, including well-known public relays like `wss://nos.lol` and vendor-managed infrastructure at `wss://relay.contextvm.org`.
Audit Metadata