monte-carlo-prevent
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes an official remote MCP server at https://mcp.getmontecarlo.com/mcp and requires the montecarlodata Python package. These are official vendor resources required for the skill's functionality.
- [COMMAND_EXECUTION]: The skill instructs the agent to execute the montecarlo CLI for deploying data monitors. This is a primary intended function of the skill to manage data quality as code.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests remote data from the Monte Carlo platform (e.g., table metadata and query history) to influence code recommendations.
  - Ingestion points: External metadata is retrieved via MCP tools such as getTable, getAlerts, and getQueriesForTable (as seen in SKILL.md and references/workflows.md).
  - Boundary markers: The instructions do not define explicit delimiters to wrap the external data in the agent's context.
  - Capability inventory: The agent can perform file writes (for SQL models and YAML monitors) and execute the montecarlo CLI.
  - Sanitization: There is no description of sanitization or validation logic for the data returned from the remote Monte Carlo API.
Audit Metadata