devops-troubleshooter
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The
install_commandinmetadata.jsondownloads the skill content from a non-trusted GitHub repository (github.com/sickn33/antigravity-awesome-skills). While GitHub is a well-known service, the specific account and repository are not recognized as trusted or official vendor resources. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) due to its primary function of processing untrusted data.
- Ingestion points: The skill is designed to analyze logs, distributed traces, APM data, and system metrics from various external platforms (ELK, Datadog, etc.).
- Boundary markers: There are no boundary markers or instructions telling the agent to ignore potentially malicious instructions embedded within the logs or observability data being analyzed.
- Capability inventory: The instructions grant the agent capabilities to execute diagnostic commands and interact with infrastructure tools such as
kubectl,tcpdump, anddig. - Sanitization: The skill lacks any instructions for sanitizing, validating, or escaping external content before the agent acts upon it.
Audit Metadata