buildkite-pipelines
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill provides patterns for 'Dynamic Pipelines', where scripts (Bash, Python, or SDKs) are executed to generate YAML configurations that are subsequently uploaded and executed by the Buildkite agent.
- Evidence: Detailed in 'SKILL.md' and 'references/dynamic-pipeline-patterns.md', showing how 'buildkite-agent pipeline upload' is used to inject generated steps into the build process.
- [PROMPT_INJECTION]: The 'handler pattern' described in the documentation involves the agent reading untrusted data from build metadata, artifacts, and external APIs to determine pipeline behavior, which constitutes an indirect prompt injection surface.
- Evidence: 'references/dynamic-pipeline-patterns.md' provides examples of reading 'build-manifest.json' and build metadata to decide whether to trigger hotfix or standard deployments.
- [EXTERNAL_DOWNLOADS]: The skill references several external resources, including the Buildkite SDK and various plugins used to extend agent capabilities.
- Evidence: References to 'github.com/buildkite/buildkite-sdk' and plugin version strings like 'docker-compose#v5.5.0' appear throughout the reference and example files.
Audit Metadata