cloud-native-engineer
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (HIGH): The skill directs the agent to execute PowerShell scripts located at relative paths outside the primary skill directory (e.g., ../scripts/deploy_minikube.ps1). Evidence: SKILL.md Workflow 4 and references/deployment_guide.md Section 3. Risk: These scripts are missing from the skill package, meaning their operations are unvetted. Execution of arbitrary scripts on a local machine can lead to system compromise.
- PROMPT_INJECTION (HIGH): Category 8: Indirect Prompt Injection surface with high capability. Ingestion points: SKILL.md (Workflow 1) and references/microservices.md where the agent analyzes external project domains and payload standards. Capability inventory: The agent is tasked with generating complex Kubernetes manifests and executing deployment automation scripts. Sanitization: None found. Risk: An attacker could provide malicious service descriptions or Domain Bounded Contexts that trick the agent into generating backdoored manifests or misconfiguring the Dapr backbone.
Recommendations
- AI detected serious security threats
Audit Metadata