x-crisis-monitor
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill is composed exclusively of documentation files (.md). There are no scripts (Python, Node.js, Shell), binaries, or automated configuration files present, precluding any direct execution of commands or remote code.
- [Indirect Prompt Injection] (SAFE): The skill defines a surface for processing untrusted data (X posts), which is an inherent risk for monitoring tools.
- Ingestion points: External social media data identified via keywords in
references/keyword-library.md. - Boundary markers: Not present in the documentation; the skill is a manual workflow guide.
- Capability inventory: The workflow suggests the creation of official brand responses and statements (NL generation).
- Sanitization: Not applicable as no code implementation is provided.
- [Data Exposure] (SAFE): The skill uses generic placeholders such as
[YOUR_BRAND_NAME]or[CEO姓名]and contains no hardcoded credentials, API keys, or sensitive system paths.
Audit Metadata