Skills
skills/momentic-ai/skills/momentic-result-classification/Gen Agent Trust Hub

momentic-result-classification

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes data from external applications through test results, which is a vector for indirect prompt injection.
  • Ingestion points: The skill reads contents from metadata.json, console.json, har-pages.log, har-entries.log, and HTML/DOM snapshots (<snapshotId>.html) located in the test-results/ or .momentic-mcp/ directories.
  • Boundary markers: Absent. There are no instructions or delimiters provided to the agent to distinguish between the skill's instructions and the potentially untrusted content of the test logs or snapshots.
  • Capability inventory: The agent uses momentic_list_runs and momentic_get_run tools to retrieve and analyze run data.
  • Sanitization: Absent. The skill does not define any validation or filtering mechanisms for the data retrieved from the test results before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 8, 2026, 02:28 AM