sailpoint-transform-debugger
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests data from external sources that could contain malicious instructions.
  - Ingestion points: The skill retrieves transform definitions and identity data via 'sail api get' and 'sail transform download' commands.
  - Boundary markers: No explicit delimiters or instructions are provided to the agent to distinguish between data and instructions within the API responses.
  - Capability inventory: The agent can execute powerful commands including 'sail transform upload' and 'sail api put' to modify system configurations.
  - Sanitization: There is no evidence of data sanitization or validation performed on the API responses before processing.
- [COMMAND_EXECUTION]: The skill executes several 'sail' CLI commands to manage environments and transforms. This is the primary intended behavior of the tool.
- [EXTERNAL_DOWNLOADS]: The skill requires the SailPoint CLI as a prerequisite, which is a well-known tool hosted in the official 'sailpoint-oss' repository on GitHub.
- [DATA_EXFILTRATION]: The skill accesses sensitive identity and account information from the SailPoint tenant. This data is used locally for tracing transform logic and is not transmitted to external domains.