Skills
skills/forever19735/garbage/scheduling-system/Gen Agent Trust Hub

scheduling-system

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): Detected potential surface for indirect prompt injection where user-supplied group IDs or schedules could influence the automated broadcast messages. \n
  • Ingestion points: The functions handle_cron_command and update_group_schedule in SKILL.md ingest untrusted data from group_id and days_str parameters. \n
  • Boundary markers: Absent; there are no delimiters or instructions to ignore embedded commands in the data processed for scheduling. \n
  • Capability inventory: The skill utilizes messaging_api.push_message to send network requests to external recipients and BackgroundScheduler to execute functions at delayed intervals. \n
  • Sanitization: Only basic string splitting and case normalization are performed on days_str, which does not prevent injection into the message string used in send_reminder.\n- Capability Analysis (SAFE): The core functionality relies on well-known libraries (apscheduler, pytz) and follows standard patterns for background task management in Python.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 21, 2026, 10:21 AM