pir
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious behavior, obfuscation, or unauthorized access patterns were identified. The skill is a legitimate orchestration tool designed for incident documentation and analysis.\n- [COMMAND_EXECUTION]: The skill uses the Bash tool for routine administrative tasks. This includes executing
dateto determine the local timezone, performinggit logandgit showoperations on the local repository to identify commits relevant to an incident window, and usingrm -rfto delete temporary directories created during the analysis process. These commands are appropriately scoped and do not pose a security risk in this context.\n- [EXTERNAL_DOWNLOADS]: The skill orchestrates data retrieval from third-party services (PagerDuty, Datadog, Cloudflare, and Rollbar) by invoking designated sub-skills. These interactions are fundamental to the skill's purpose of incident discovery.\n- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection due to its synthesis of data from multiple external sources. \n - Ingestion points: Data is ingested from the user's
QUERYand the results of sub-skills stored in.pagerduty-oncall-tmp/,.datadog-analyser-tmp/,.cloudflare-traffic-investigator-tmp/, and.rollbar-reader-tmp/.\n - Boundary markers: The instructions do not define specific delimiters or guardrails to isolate ingested data from the synthesis prompt.\n
- Capability inventory: The skill has access to powerful tools including
Bash,Write,Edit, andRead.\n - Sanitization: There is no explicit sanitization or validation of the data retrieved from external reports before it is processed by the agent.
Audit Metadata