cloud-network-security
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a Python script (
scripts/cloud_network_security.py) to perform API operations. The script relies entirely on Python's standard library for network requests and JSON processing. - [DATA_EXFILTRATION]: The skill handles the
EC_API_KEYto authenticate against the official Elastic Cloud API domain (api.elastic-cloud.com). This communication is required for the skill's primary purpose of managing cloud resources and targets the vendor's own infrastructure. - [SAFE]: The documentation follows security best practices by instructing the agent and user to manage credentials via environment variables or local configuration files, avoiding direct transmission of secrets in chat history.
- [SAFE]: While the skill ingests data from external API responses (such as filter descriptions and names), which is a common surface for indirect prompt injection, the source is the user's authenticated cloud environment, and the risk is consistent with standard administrative tooling.
Audit Metadata