pylon

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE, NO_CODE
Full Analysis
  • [NO_CODE]: The skill repository contains only Markdown documentation and reference material. No executable scripts, binaries, or software packages are provided.
  • [SAFE]: Integration examples for the MCP server correctly utilize placeholders (e.g., 'YOUR_TOKEN' and 'your-pylon-instance.com') rather than hardcoding actual credentials or sensitive URLs.
  • [DATA_EXFILTRATION]: The skill describes tools intended to transmit project plans and code diffs to a remote Pylon instance. This transmission is the primary, documented function of the service for human review purposes and is not unauthorized.
  • [PROMPT_INJECTION]: The workflow describes an agent pulling feedback from an external source via 'pull_plan'. While this establishes a surface for indirect prompt injection from the external Pylon service, the skill's internal instructions are benign and contain no bypass attempts. Evidence Chain: 1. Ingestion point: pull_plan and pull_code_feedback tools; 2. Boundary markers: Not specified in documentation; 3. Capability inventory: MCP tools for data management only; 4. Sanitization: Not specified.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 25, 2026, 05:59 PM