monologue-notes

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFE
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: Fetches and executes an installation script from the vendor's GitHub repository (github.com/EveryInc/monologue-toolkit) to set up the monologue CLI tool.
  • [COMMAND_EXECUTION]: Executes shell commands using the monologue CLI for note management, listing, and onboarding tasks.
  • [DATA_EXFILTRATION]: The CLI tool transmits data and authentication tokens to the vendor's API endpoint (api.monologue.to) during standard operations and configuration.
  • [PROMPT_INJECTION]: The skill processes potentially untrusted data from note titles, summaries, and transcripts retrieved via the API, which could be used for indirect prompt injection.
      • Ingestion points: Note data retrieved via monologue notes list and monologue notes get in SKILL.md.
      • Boundary markers: No explicit delimiters are present to separate untrusted note content from agent instructions.
      • Capability inventory: Shell command execution capability via the monologue CLI.
      • Sanitization: No sanitization or validation of note content is performed before processing.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Apr 6, 2026, 09:54 AM