monitoring-apis
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing potentially untrusted data from API specifications and source code.
  * Ingestion points: Uses Read and Grep tools to examine files in ${CLAUDE_SKILL_DIR}/api-specs/ and existing source code (File: references/implementation.md).
  * Boundary markers: No explicit delimiters are used to separate ingested content from core instructions.
  * Capability inventory: Access to Write, Edit, and a scoped Bash(api:monitor-*) tool allows file modification based on ingested data.
  * Sanitization: No validation or sanitization steps are defined for external input.
Audit Metadata