sailpoint-account-status
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests data from external API responses (SailPoint account and source names) and incorporates them into agent responses and subsequent command executions. * Ingestion points: The skill fetches data from the SailPoint API in SKILL.md (Steps 2, 3, 4, and 6) and references/api-endpoints.md. * Boundary markers: There are no explicit delimiters or instructions to ignore embedded content within the ingested data. * Capability inventory: The skill performs state-changing operations via the sail CLI (SKILL.md Step 5) to enable or disable accounts. * Sanitization: No evidence of sanitization or escaping of the retrieved account names or IDs is present before they are used in command execution.
- [COMMAND_EXECUTION]: The skill uses the sail CLI to execute various shell commands for environment management, data retrieval, and performing administrative actions on SailPoint Identity Security Cloud accounts.
Audit Metadata