landing-zones
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface through tool output poisoning in its automation templates.
- Ingestion points: Scripts in references/security-zone-automation.md ingest compartment data from local JSON files and live OCI API metadata.
- Boundary markers: Absent. The templates do not define boundaries or provide instructions to sanitize or ignore malicious characters within OCI resource metadata.
- Capability inventory: The skill utilizes OCI CLI operations and shell sub-executions ($( )) to automate resource management and configuration.
- Sanitization: Absent. Compartment names and other metadata are interpolated directly into shell command strings without escaping, creating a potential command injection vector if resources in the OCI tenancy are maliciously named.
Audit Metadata