Upgrades
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection risk. The skill processes untrusted data from external sources.
- Ingestion points: YouTube transcripts and 30+ Anthropic-related web sources.
- Boundary markers: None identified in the provided skill file.
- Capability inventory: Execution of local scripts via bun and network requests to localhost.
- Sanitization: No sanitization of external content is described.
- [EXTERNAL_DOWNLOADS] (SAFE): Monitors established sources from the Anthropic ecosystem, including trusted GitHub organizations like anthropics.
- [COMMAND_EXECUTION] (SAFE): Uses curl for local service notifications to localhost and bun to run internal helper tools.
Audit Metadata