atmos-templates
Warn
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill allows fetching data from remote URLs via Gomplate datasources. Evidence: SKILL.md demonstrates fetching from the well-known service https://api.ipify.org.
- [DATA_EXFILTRATION]: The skill can access sensitive system environment variables and cloud secrets. Evidence: references/go-templates.md shows access to USER and HOME environment variables. Evidence: SKILL.md documents fetching secrets from AWS using aws+smp URLs.
- [COMMAND_EXECUTION]: The skill executes logic via Go templates and supports multi-pass evaluation where data rendered in the first stage can be executed as code in the second stage. Evidence: SKILL.md supports setting evaluations: 2 for multi-stage resolution.
- [PROMPT_INJECTION]: The skill has an indirect injection surface by processing data from environment variables and external APIs as templates before final YAML parsing. Ingestion points: Environment variables and external datasource responses. Boundary markers: None mentioned for separating untrusted data from template logic. Capability inventory: Secret retrieval, environment variable access, remote data fetching, and multi-pass template execution. Sanitization: Documentation lacks instructions for sanitizing external inputs before interpolation.
Audit Metadata