log-monitoring

Pass

Audited by Gen Agent Trust Hub on Feb 23, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Shell command templates in the skill use unvalidated placeholders, which could lead to command injection if the input is not sanitized. Evidence: The command 'tail -f openalgo/strategies/logs/{strategy_id}_*.log' in SKILL.md interpolates a variable directly into a shell string without instructions for the agent to sanitize the input.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it processes external log data that could be controlled by an attacker.
      • Ingestion points: Reads log files from 'openalgo/log/' and 'openalgo/strategies/logs/' (File: SKILL.md).
      • Boundary markers: No delimiters or 'ignore' instructions are present to prevent the agent from obeying instructions found inside log files.
      • Capability inventory: Executes shell commands via subprocess (tail, grep, find, watch).
      • Sanitization: No input validation is performed on the log content.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 23, 2026, 02:19 PM