griffin-monitors
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides comprehensive instructions for designing and implementing API monitors using a domain-specific language. It promotes security best practices by instructing the agent to use variable() and secret() helpers to prevent sensitive data exposure.\n- [EXTERNAL_DOWNLOADS]: The skill references @griffin-app/griffin and @griffin-app/griffin-core, which are official components of the platform provided by the skill author.\n- [PROMPT_INJECTION]: The skill workflow involves analyzing codebase elements to generate monitor scripts, which constitutes an indirect prompt injection surface. 1. Ingestion points: route handlers, response types, DTOs, and OpenAPI specs. 2. Boundary markers: absent. 3. Capability inventory: writing monitor definitions to the griffin directory. 4. Sanitization: absent.
Audit Metadata