@1247/squad-agent
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill implements an automated listener that ingests untrusted message content from an external API, creating a vulnerability surface for indirect prompt injection.
- Ingestion points: The script
scripts/listener.pyfetches data from the/members/{id}/mentionsendpoint of the Starchild community platform. - Boundary markers: No explicit delimiters, boundary markers, or security instructions (e.g., "ignore embedded commands") are used when processing the fetched mention content.
- Capability inventory: According to the
SKILL.mddocumentation, the agent is expected to use its available tools to fulfill the requests contained within these external mentions. - Sanitization: The skill does not perform any validation, filtering, or sanitization of the incoming message content before it is processed by the agent.
Audit Metadata