skypilot-multi-cloud-orchestration
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill consists entirely of documentation and configuration templates for SkyPilot. No malicious code, obfuscation, or exfiltration patterns were detected.
- [Indirect Prompt Injection] (LOW): The skill describes how to ingest external data via YAML task definitions (`task.yaml`), remote Git repositories, and cloud storage (S3/GCS). While this creates an attack surface where untrusted data could influence agent actions, the documentation follows best practices for a cloud orchestration tool.
  - Ingestion points: YAML task definitions, file mounts from cloud buckets, and remote Git URLs.
  - Boundary markers: Not explicitly present in documentation snippets; relies on tool-specific parsing.
  - Capability inventory: High-privilege actions including remote shell command execution (`sky launch`), file synchronization, and cloud resource provisioning.
  - Sanitization: None provided in the documentation; users are responsible for validating the source of task definitions before deployment.
Audit Metadata