infoblox-ddi
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No critical, high, or medium severity risks were identified in the skill definition.
- [COMMAND_EXECUTION]: The skill performs command execution via python3 to interact with its backend MCP server, which is the primary and intended function of the tool.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it ingests data from external Infoblox DNS and DHCP services. 1. Ingestion points: DNS record data, DHCP lease information, and IPAM network details processed from the Infoblox API (SKILL.md). 2. Boundary markers: No explicit markers are defined in the instructions to separate external data from agent commands. 3. Capability inventory: Command execution using python3 as defined in the metadata. 4. Sanitization: No specific validation or escaping of external content is mentioned.
- [EXTERNAL_DOWNLOADS]: The skill references the infoblox-ddi-mcp package on PyPI, which aligns with the author's identified resources and is considered a safe dependency.
Audit Metadata