devops-engineer

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill provides legitimate guidance and templates for infrastructure-as-code and automation.
  • [EXTERNAL_DOWNLOADS]: Fetches dependencies via standard package managers (composer, npm, apk) and utilizes trusted GitHub Actions (e.g., actions/checkout, trivy-action, setup-php) for environment setup and scanning.
  • [COMMAND_EXECUTION]: Contains instructions for building images and deploying to Kubernetes clusters, which is consistent with its DevOps purpose.
  • [PROMPT_INJECTION]: Indirect prompt injection attack surface identified. The skill designs workflows that process code from external Git repositories. Ingestion points: actions/checkout in CI/CD templates. Boundary markers: Absent. Capability inventory: kubectl, docker, composer, npm, apk. Sanitization: Absent. The templates rely on standard CI/CD practices which process external source code by design.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 8, 2026, 10:49 AM