atmos-introspection
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Describes the use of the
atmosCLI tool for system and workspace introspection, allowing agents to query the state of infrastructure stacks and components. - [EXTERNAL_DOWNLOADS]: Documents Git-related flags such as
--clone-target-ref, which allow theatmostool to fetch data from remote repositories for comparison and impact analysis. - [DATA_EXFILTRATION]: Provides instructions for using the
--uploadflag to transmit component instances and affected resource metadata to external HTTP endpoints or the Atmos Pro API. - [CREDENTIALS_UNSAFE]: Documents the usage of sensitive flags including
--ssh-key,--ssh-key-password, and authentication identities (--identity) used to access private resources. - [PROMPT_INJECTION]: Identifies a surface for indirect prompt injection via the processing of Go templates and YAML functions within stack manifests. Ingestion points: Stack manifests and remote Git repositories. Boundary markers: None. Capability inventory: Template rendering and function evaluation. Sanitization: None described.
Audit Metadata