cost-model
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes the script scripts/costModel/index.ts using npx tsx for tasks such as cost snapshots, scraping, and live infrastructure tracking.
- [DATA_EXFILTRATION]: The skill accesses cloud provider infrastructure details and queries a PostgreSQL database for sensitive billing and AI usage data.
- [CREDENTIALS_UNSAFE]: Instructions direct users to provide database credentials via environment variables (POSTGRES_READ_ONLY_PASSWORD); while placeholders are used, this promotes a pattern of handling sensitive secrets in plain-text environment configurations.
- [PROMPT_INJECTION]: The skill processes data from external cloud provider APIs and local infrastructure files, presenting an indirect injection surface.
  - Ingestion points: Azure Retail Prices API, Hetzner CLI outputs, and Terraform configuration directories.
  - Boundary markers: No markers or explicit instructions are present to prevent the agent from obeying instructions embedded in the external pricing or infrastructure data.
  - Capability inventory: Command execution via subprocesses and network access for pricing data retrieval.
  - Sanitization: The skill does not mention any sanitization or validation logic for the external content it ingests.
Audit Metadata