devops-automator

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill is granted administrative access to the environment via the Bash tool to execute docker, kubectl, terraform, helm, and gh commands, which is necessary for its primary DevOps automation functions.
  • [PROMPT_INJECTION]: The skill maintains an attack surface for indirect prompt injection.
      • Ingestion points: Reads and processes external configuration files like references/kubernetes-deployment.yaml and references/terraform-eks-module.tf.
      • Boundary markers: Missing explicit delimiters to separate untrusted configuration data from agent instructions.
      • Capability inventory: Significant capabilities including file system modification and execution of administrative CLI tools as defined in the SKILL.md allowed-tools section.
      • Sanitization: No input validation or sanitization of configuration content before processing.
  • [EXTERNAL_DOWNLOADS]: Reference materials include dependencies on verified GitHub Actions from trusted organizations including the official actions repository, Azure, Docker, and established security vendors like Aqua Security and Truffle Security.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 08:36 PM