dayapp-mobile-push
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The Python script `scripts/send_dayapp_push.py` transmits task summaries and a user-provided `deviceid` to the external service `api.day.app`. While this is the intended purpose, it involves sending agent context to a third-party API.
- [COMMAND_EXECUTION]: The script `scripts/send_dayapp_push.py` uses `subprocess.check_output` to run the `ps` command to identify whether the agent environment is Claude or Codex.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it aggregates current task context into notification payloads.
  - Ingestion points: Summarized task names and summaries are derived from the current agent conversation and passed to the execution script in `SKILL.md`.
  - Boundary markers: No delimiters or safety instructions are used when passing task data to the notification script.
  - Capability inventory: The skill uses `urllib.request.urlopen` for network communication and `subprocess.check_output` for system command execution in `scripts/send_dayapp_push.py`.
  - Sanitization: The `strip_sensitive` function in `scripts/send_dayapp_push.py` employs regular expressions to redact potential secrets (tokens, passwords) and URLs from the task text before transmission.
Audit Metadata