deploying-applications
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The helper script `scripts/generate_k8s_manifests.py` contains a vulnerability surface where untrusted data could influence generated infrastructure manifests.
  - Ingestion points: CLI arguments such as `--app-name` and `--image` are interpolated into YAML templates.
  - Boundary markers: Absent.
  - Capability inventory: The script can write generated content to the local filesystem via the `--output` argument.
  - Sanitization: None; input is directly formatted into strings.
- External Downloads (LOW): The documentation in `examples/k8s-argocd/README.md` instructs users to download and apply a manifest from an external source.
  - Source: `https://raw.githubusercontent.com/argoproj/argo-cd/stable/manifests/install.yaml`.
  - Execution: Applied via `kubectl apply`.
  - Status: `argoproj` is the official repository for ArgoCD but is not included in the predefined trusted organization list.
- Safe Practices (SAFE): The validation script `scripts/validate_deployment.py` correctly uses `yaml.safe_load_all` to prevent YAML-based deserialization vulnerabilities.