infrastructure-compliance-auditor
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, DATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external, untrusted data which creates a surface for indirect prompt injection.
  - Ingestion points: External DNS record values (TXT, CAA, DS, CNAME) are fetched from external servers in `scripts/dns_security_checker.py`.
  - Boundary markers: Absent. The logic does not encapsulate external data within protective delimiters to prevent instruction hijacking.
  - Capability inventory: The skill can execute system commands (`dig`, `nslookup`), perform network resolution (`socket.getaddrinfo`), and perform file write operations for reporting.
  - Sanitization: While regex is used for structural parsing, there is no content sanitization to filter out malicious LLM instructions.
- [COMMAND_EXECUTION]: The skill utilizes system-level networking tools to gather audit data.
  - Evidence: `scripts/dns_security_checker.py` invokes `subprocess.run` to call `dig` and `nslookup`. These commands are executed with argument lists, mitigating shell injection risks, but they represent a significant capability that interacts with the host system.
- [DATA_EXFILTRATION]: The skill performs network operations to reach external DNS servers.
  - Evidence: `scripts/dns_security_checker.py` performs lookups against arbitrary domains provided by the user via `dig` and `socket.getaddrinfo`. These operations are limited to DNS queries for auditing purposes and do not involve sensitive local file access.