deployment-automation

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection vulnerability surface detected in automated evaluation and promotion workflows.
  • Ingestion points: Evaluation data is ingested from Unity Catalog tables (e.g., gold.evaluation.agent_eval_dataset) in references/dataset-lineage.md and references/deployment-job-patterns.md.
  • Boundary markers: No explicit boundary markers or "ignore instructions" wrappers are used when passing dataset content to the evaluator LLM via mlflow.genai.evaluate.
  • Capability inventory: The skill has the capability to automatically promote models to production aliases (mlflow.set_registered_model_alias) and deploy them to Model Serving endpoints (databricks.agents.deploy) in references/deployment-job-patterns.md.
  • Sanitization: No sanitization, filtering, or schema validation of the input dataset content is performed before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 8, 2026, 02:33 AM