log-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface.
- Ingestion points: The skill reads various logs, including Nginx, Apache, and application logs (e.g.,
access.log,application.log), which often record untrusted user input such as HTTP headers, query strings, or request bodies. - Boundary markers: The instructions do not define specific delimiters or "ignore embedded instructions" warnings for the agent when processing the content of these logs.
- Capability inventory: The skill is restricted to using
Read,Grep, andGlobtools to identify and classify patterns. - Sanitization: The skill contains a mandatory constraint to mask sensitive information like passwords and tokens, providing a degree of data protection.
- [COMMAND_EXECUTION]: Execution of local log analysis commands.
- The skill provides several bash-based command templates (using
grep,awk,tail,cut,sort,uniq) to perform analysis. - These commands are intended for local execution on log files and are constrained by the skill's mandatory rule to perform read-only operations only.
Audit Metadata