fynd-backend-microservices

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The script scripts/diagnose.js uses child_process.execSync to execute kubectl get pods. This is a direct shell command execution pattern. While the command is static and aligned with the primary diagnostic purpose of the skill, it utilizes a sensitive capability that grants the agent access to infrastructure metadata.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill exhibits an attack surface for indirect prompt injection due to its data ingestion and execution capabilities.
    • Ingestion points: Data enters the agent context through the output of the kubectl command in scripts/diagnose.js.
    • Boundary markers: Absent. The script does not wrap the environment output in delimiters or provide instructions to ignore embedded commands.
    • Capability inventory: The skill uses execSync in scripts/diagnose.js for command execution.
    • Sanitization: Absent. External data from the cluster (such as maliciously named pods) is not sanitized before being returned to the agent context.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:44 PM