work-management
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill correctly uses environment variable placeholders (e.g., ${DB2i_USER}) for host configuration in the tools definition, ensuring sensitive credentials are not hardcoded.
- [SAFE]: SQL tool definitions in
tools/work-management.yamlutilize parameterized input (e.g.,:subsystem,:user_name), which is a standard security measure to prevent SQL injection. - [SAFE]: All identified tools are configured with
readOnly: true, restricting the agent to data retrieval operations rather than system modifications. - [SAFE]: The skill's instructions and documentation focus strictly on the intended administrative purpose of IBM i monitoring, with no evidence of prompt injection or malicious command patterns.
Audit Metadata