chaos-engineering

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides specific CLI commands and API interactions for simulating system failures, such as killing Kubernetes pods, injecting network latency, and stressing CPUs. While these are high-impact operations, they are documented as the primary function of the skill for resilience testing.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it interprets external YAML configuration files to define chaos experiments. Maliciously crafted data within these files could attempt to influence the agent's execution flow.
  • Ingestion points: YAML configuration files (e.g., experiment.yaml) loaded and executed via the ocla chaos run command.
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to distinguish between configuration data and potential embedded instructions.
  • Capability inventory: The skill utilizes shell command execution (via ocla and kubectl), local file system access, and network requests to external API endpoints.
  • Sanitization: The skill does not mention any validation, schema enforcement, or sanitization of the YAML input before it is used to trigger system-level actions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 10:46 PM