sailpoint-provisioning-failure-triage
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the
sailCLI to interact with the SailPoint platform. This includes commands for environment management (sail environment use) and API interactions (sail api). These operations are necessary for the skill's functionality and are restricted to a specific, legitimate tool. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes error messages and status results from external target systems via the SailPoint API.
- Ingestion points: Error messages and result strings are retrieved from the
accountactivities,access-request-status, andtask-statusendpoints. - Boundary markers: There are no explicit delimiters or warnings instructing the agent to ignore potentially malicious instructions embedded in the API responses.
- Capability inventory: The skill's primary capability is executing
sailCLI commands to query API data and switch tenant environments. - Sanitization: The instructions guide the agent to parse and clean up error messages for reporting, which provides a basic level of filtering but does not constitute a robust security boundary against intentional injection.
Audit Metadata