linux-service-triage
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill documents and suggests the use of various administrative commands including
systemctl,journalctl,chmod,chown, andkill. - Evidence: Found in
references/triage-commands.mdandreferences/integration-ideas.md. - Context: These commands are consistent with the skill's primary purpose of system triage and administrative maintenance. The
SKILL.mdfile explicitly includes safety guardrails, stating that the agent should be 'read-only by default' and 'require explicit confirmation for anything risky.' - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is designed to ingest and analyze untrusted data such as log files and configuration snippets provided by users.
- Ingestion points: Log excerpts and configuration snippets defined in
SKILL.mdunder the 'INPUTS' section. - Boundary markers: The skill uses a structured 'TRIAGE REPORT' output format to separate analysis from evidence.
- Capability inventory: The skill utilizes system diagnostic tools (
systemctl,journalctl,ss,nginx -t) to gather information. - Sanitization: The workflow requires the agent to 'classify failure' and 'propose minimal fix' before taking action, which serves as a reasoning step to validate the input data.
Audit Metadata