ansible-generator
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute
ansible-validatorto verify generated project files as part of its deterministic execution flow inSKILL.md. - [COMMAND_EXECUTION]: The package includes a test script (
test/test_fixture_regressions.py) that usessubprocess.runto executeansible-playbookfor verifying template and variable loading logic. - [PROMPT_INJECTION]: The skill processes user-supplied instructions to generate Ansible content, which constitutes a surface for Indirect Prompt Injection (Category 8).
- Ingestion points: User requests for playbooks, roles, and tasks (SKILL.md).
- Boundary markers: None defined within the generation workflow to isolate user input from the surrounding code templates.
- Capability inventory: The skill performs file system writes (generating YAML/Jinja2 files) and command execution (running validation tools).
- Sanitization: No explicit logic is provided to sanitize or escape user-provided strings before they are interpolated into the generated Ansible files.
Audit Metadata