aggregation-report
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a bundled bash script (scripts/report.sh) and the sail CLI to query event data.
- [EXTERNAL_DOWNLOADS]: The skill relies on the sailpoint-oss/sailpoint-cli tool, which is an official prerequisite from a trusted organization.
- [PROMPT_INJECTION]: The skill displays data fetched from the SailPoint API, representing a surface for indirect prompt injection.
- Ingestion points: API data processed in scripts/report.sh.
- Boundary markers: No delimiters are used in the report output.
- Capability inventory: The skill can execute shell commands and make API calls via scripts/report.sh.
- Sanitization: Field extraction is performed via jq in scripts/report.sh.
Audit Metadata