Skills
skills/oliver-kriska/claude-elixir-phoenix/skill-monitor/Gen Agent Trust Hub

skill-monitor

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads metric data from a local file and interpolates it directly into a subagent's prompt.
  • Ingestion points: Reads session data from '.claude/session-metrics/metrics.jsonl' in Step 2.
  • Boundary markers: No delimiters or warnings are used to isolate the data within the spawned agent's prompt in Step 5.
  • Capability inventory: The skill possesses the ability to spawn subagents and write markdown files.
  • Sanitization: The skill lacks logic to sanitize strings retrieved from session logs before they are processed by the LLM.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 11:41 PM