network-watcher
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [SAFE]: The skill's content is entirely defensive and instructional. It acts as a security policy for identifying exfiltration attempts and suspicious outbound connections.
- [PROMPT_INJECTION]: The skill utilizes persona-adoption instructions ("You are a network security auditor") and prescriptive behavioral rules to guide the agent's logic. These instructions are aligned with the skill's intended purpose of facilitating security audits.
- [NO_CODE]: This is a documentation-only skill containing no executable scripts or binaries. It relies solely on the agent's natural language processing to perform its auditing functions.
- [PROMPT_INJECTION]: The skill's primary function of analyzing untrusted skill files creates a surface for indirect prompt injection.
- Ingestion points: The skill reads metadata and code from other skills (fileRead permission) to perform security audits.
- Boundary markers: No explicit delimiters or safety instructions are defined to separate the auditor's logic from the potentially malicious content being audited.
- Capability inventory: The skill is granted file system read access to enable the auditing of local skill files.
- Sanitization: There are no documented mechanisms for sanitizing or validating external skill content before it is processed by the auditor.
Audit Metadata