log-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill analyzes external log files which are untrusted data sources, representing a potential surface for indirect prompt injection. This risk is minimized by the skill's specific diagnostic context and restricted toolset. 1. Ingestion points: System and application log files (e.g., /var/log/nginx/access.log). 2. Boundary markers: No explicit delimiters are provided for the log content. 3. Capability inventory: The skill is restricted to Read, Grep, and Glob tools. 4. Sanitization: Instructions mandate the masking of sensitive information such as passwords and tokens.
- [DATA_EXFILTRATION]: While the skill accesses potentially sensitive logs in system directories, it includes mandatory rules to mask credentials and strictly prohibits exposing sensitive information externally, aligning with security best practices for log analysis tools.
Audit Metadata