build-ci-migration-assistant
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it parses and processes untrusted third-party configuration files such as
.travis.yml,pom.xml, andpackage.json. \n - Ingestion points: Project configuration files are read and parsed during the source analysis phase (SKILL.md, workflow step 1). \n
- Boundary markers: The skill's instructions do not specify boundary markers or include warnings to ignore instructions embedded within the processed configuration data. \n
- Capability inventory: The skill has the capability to execute shell commands (e.g.,
mvn,npm,gradlew) and perform file-write operations to generate target configurations. \n - Sanitization: There is no evidence of sanitization or validation of the input data extracted from the configuration files. \n- [COMMAND_EXECUTION]: The skill facilitates the execution of build and test commands like
mvn clean install,./gradlew build, andnpm testto validate the migration process. These commands execute logic that is partially derived from the analyzed source configuration. \n- [EXTERNAL_DOWNLOADS]: The skill's workflow and generated configurations rely on well-known services and trusted organizations, including official GitHub Actions (e.g.,actions/checkout,actions/setup-python) and standard package registries like Maven Central and the npm registry. \n- [DATA_EXFILTRATION]: To facilitate migration, the skill is designed to read and map environment variables and secrets from existing CI/CD configurations. This involves accessing potentially sensitive data within the agent's context.
Audit Metadata