security-case-management
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: Documentation directs the agent to execute tools immediately, bypassing initial documentation reading to improve efficiency. This is a behavioral optimization intended for performance.
- [CREDENTIALS_UNSAFE]: Authentication is handled securely through environment variables (API keys or basic auth), with code checks to ensure credentials are present before execution.
- [COMMAND_EXECUTION]: The skill provides a CLI wrapper for the Kibana Cases API. These operations are restricted to structured incident management tasks and do not permit arbitrary system command execution.
- [DATA_EXFILTRATION]: The skill facilitates data transfer between the agent and a user-configured Kibana instance. This communication is essential for the skill's primary function of managing security cases.
- [EXTERNAL_DOWNLOADS]: The documentation references standard dependency installation using the NPM package manager, which is conventional for Node.js-based toolsets.
Audit Metadata