ci-cd-ops

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands via curl, jenkins CLI, and gh CLI tools to manage CI/CD pipelines. This is consistent with its stated purpose of DevOps automation.
  • [CREDENTIALS_UNSAFE]: The 'Error Handling' section suggests verifying tokens using echo $GITHUB_TOKEN. This practice can inadvertently leak sensitive credentials into build logs or agent history.
  • [PROMPT_INJECTION]: The skill defines an attack surface for indirect prompt injection where user-provided repository URLs or job names are interpolated into shell commands.
  • Ingestion points: Command line arguments such as --repo, --job, and --workflow defined in SKILL.md.
  • Boundary markers: No delimiters or boundary markers are specified to separate untrusted input from the command template.
  • Capability inventory: Shell command execution via curl, jenkins, and gh tools, as well as file system access for configuration files.
  • Sanitization: No sanitization or validation logic is specified for these inputs, increasing the risk of command injection if the agent receives malicious inputs.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 7, 2026, 05:44 PM