monte-carlo-validation-notebook

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes untrusted data from GitHub pull requests and local dbt files.
      • Ingestion points: PR titles, descriptions, diffs, and file contents retrieved using the gh command-line tool.
      • Boundary markers: Absent; there are no specific delimiters used to isolate external content when the agent parses code for metadata extraction.
      • Capability inventory: The skill can execute shell commands via subprocess.run to open browser URLs.
      • Sanitization: Helper scripts implement basic ASCII character replacement but do not perform semantic validation or safety filtering on the content of the generated notebook cells.
  • [COMMAND_EXECUTION]: The helper script generate_notebook_url.py utilizes subprocess.run to execute the system's open command, which launches the default web browser to display the generated notebook.
  • [EXTERNAL_DOWNLOADS]: The skill makes extensive use of the GitHub CLI (gh) to download metadata and source code from remote repositories for the purpose of change analysis.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 14, 2026, 02:10 PM