oura-daily-watch

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by reading external data from Discord message history. While the instructions advise summarizing only aggregate statistics, malicious instructions embedded in chat messages could potentially influence the agent's behavior or cause it to leak sensitive information.
    • Ingestion points: Discord message history via message.read mentioned in SKILL.md.
    • Boundary markers: Absent; there are no specific markers or system instructions to ignore commands within the fetched message history.
    • Capability inventory: The skill executes network requests to the Oura API via scripts/oura_fetch.py and produces summaries for the user.
    • Sanitization: Absent; the skill relies on the LLM's adherence to the instruction to 'summarize only aggregate stats' without technical validation or filtering.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Mar 17, 2026, 02:02 AM