sleep-analyzer
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's behavior of reading local health data and writing reports is consistent with its stated purpose and the requested tool permissions (
Read,Grep,Glob,Write). The external links provided are to legitimate scientific and medical resources. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface due to its ingestion of untrusted external data. While no malicious behavior was observed, the design lacks safeguards to prevent embedded instructions in data files from influencing the agent.
- Ingestion points: Reads from multiple files including
data-example/sleep-tracker.json,data-example/fitness-tracker.json,data-example/hypertension-tracker.json,data-example/diabetes-tracker.json,data-example/mood-tracker.json, and files withindata-example/diet-records/anddata-example/sleep-logs/. - Boundary markers: Absent. There are no instructions for the agent to use delimiters or ignore instructions found within the health records.
- Capability inventory: The agent can use
Read,Grep,Glob, andWritetools across the file system. - Sanitization: Absent. No validation or escaping of the processed health data is performed.
Audit Metadata