elestio
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches setup scripts and repository data from the vendor's GitHub organization during the installation phase.
- [REMOTE_CODE_EXECUTION]: The documentation includes a command to execute a remote installation script from the vendor's repository via piped shell execution.
- [COMMAND_EXECUTION]: The skill functions by executing various subcommands of the elestio CLI to manage servers, backups, and network settings.
- [PROMPT_INJECTION]: The skill is exposed to indirect prompt injection through the processing of external service data and deployment logs.
- Ingestion points: Command outputs from
elestio cicd pipeline-logsandelestio servicescontain data from remote servers. - Boundary markers: No specific delimiters are used to wrap external content in the provided instructions.
- Capability inventory: The skill has the capability to execute infrastructure-level commands via the
elestioCLI. - Sanitization: No explicit sanitization or validation logic is defined for the data retrieved from the CLI.
Audit Metadata