engflow-artifacts

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The Python script engflow_artifacts.py executes system commands including curl, unzip, and the engflow_auth CLI via subprocess.run. These executions use argument lists rather than shell strings, which effectively prevents shell injection vulnerabilities.
  • [EXTERNAL_DOWNLOADS]: The skill fetches build metadata, test logs, and binary blobs from mesolite.cluster.engflow.com. These network operations are necessary for the skill's core functionality and target the vendor's own build infrastructure.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface because it ingests and processes data from external test logs and XML files.
    1. Ingestion points: The agent reads test.log and test.xml files downloaded by the script.
    2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the script.
    3. Capability inventory: The skill can execute subprocesses for network and file manipulation.
    4. Sanitization: There is no sanitization or filtering of the log content before it is presented to the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 11:37 PM