elasticsearch-authz
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill is authored by a known vendor and performs legitimate administrative tasks for Elasticsearch clusters using documented APIs.\n- [COMMAND_EXECUTION]: The skill relies on curl commands to perform its primary function of cluster management. These commands are parameter-driven and used as intended for API interaction with user-defined endpoints.\n- [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection as it interprets natural language access requests to configure security settings. It provides a structured decomposition workflow to mitigate this risk.\n
- Ingestion points: User prompts describing access requirements in SKILL.md.\n
- Boundary markers: The skill instructs the agent to decompose the request into components and confirm ambiguous steps, though it lacks explicit data delimiters.\n
- Capability inventory: The skill modifies cluster security states via curl commands to user/role management APIs.\n
- Sanitization: Sanitization is handled through the internal decomposition logic that maps user input to specific, validated API parameters.
Audit Metadata