ct-monitor
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes curl to perform HTTP requests to external APIs and jq to parse the resulting JSON data. These operations are core to its functionality as a data aggregator and analyst.
- [EXTERNAL_DOWNLOADS]: Data is fetched from the author's backend (api.ctmon.xyz) and well-known industry services including Binance (api.binance.com) and BNB Chain (www.bnbchain.org). These sources are consistent with the skill's stated purpose and are documented neutrally.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted content such as tweets and news articles retrieved from external APIs. Ingestion points: SKILL.md defines calls to /tweets/feed, /tweets/recent, and /info/feed. Boundary markers: The skill uses basic Markdown headers in its output but lacks robust delimiters or 'ignore' instructions for the untrusted content itself. Capability inventory: The agent has access to curl and jq to interact with the web and process data. Sanitization: No explicit sanitization or filtering of the text content of tweets or news is implemented before it is passed to the LLM for synthesis.
Audit Metadata