managing-astro-local-env

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • COMMAND_EXECUTION (SAFE): The skill provides several commands for the astro CLI (start, stop, kill, restart, ps, logs, bash, run, upgrade-test) and docker system prune. These are legitimate administrative tools for local environment management and align with the primary purpose of the skill.
  • EXTERNAL_DOWNLOADS (SAFE): The skill references Docker images from quay.io/astronomer/astro-runtime. This is a reputable, standard container registry for Astronomer images and does not constitute a high-risk download.
  • PROMPT_INJECTION (LOW): Indirect Prompt Injection Surface. The skill facilitates reading container logs via astro dev logs. If a processed task or external data causes a container to log malicious instructions, the agent could potentially ingest them.
      • Ingestion points: astro dev logs (SKILL.md)
      • Boundary markers: Absent
      • Capability inventory: astro dev bash, astro dev run (SKILL.md)
      • Sanitization: Absent. Standard behavior for log viewers.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 04:48 PM