agent-repair
Warn
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill provides the agent with instructions to use bash commands to perform repair actions, such as restarting services and adjusting file permissions, which facilitates arbitrary command execution on the underlying host.
- [CREDENTIALS_UNSAFE]: The workflow involves checking and updating sensitive data, including API keys, authentication credentials, environment variables, and configuration files, granting the agent access to system secrets.
- [PROMPT_INJECTION]: The skill has a vulnerability surface for indirect prompt injection through its analysis of untrusted external data.
  - Ingestion points: Failure logs, stack traces, and user-provided error descriptions entering the agent context as defined in SKILL.md.
  - Boundary markers: No specific delimiters or safety instructions are defined to separate untrusted log content from the agent's core instructions.
  - Capability inventory: The agent has capabilities for file system modification, bash command execution, and API interaction (SKILL.md).
  - Sanitization: The skill documentation does not outline any process for sanitizing or validating external logs and traces before analysis.
Audit Metadata