cronlytic
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill instructs the agent to wrap curl commands in
bash -c. While this is intended to handle environment variable persistence issues, this pattern requires careful handling of user-controlled inputs to prevent command injection. - PROMPT_INJECTION (LOW): The skill presents an indirect prompt injection surface (Category 8). 1. Ingestion points: The skill reads configuration data such as target URLs, headers, and request bodies when creating cron jobs. 2. Boundary markers: Absent. No specific delimiters or warnings are provided to ignore embedded instructions in the processed data. 3. Capability inventory: The skill can perform network requests to arbitrary URLs via curl and write to the filesystem. 4. Sanitization: Absent. The skill does not describe or implement sanitization for the inputs used to construct scheduled HTTP requests.
Audit Metadata