operational-runbook-generator
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: An indirect prompt injection surface was identified in the runbook generation workflow. The skill processes user-provided service names and task descriptions to synthesize structured procedures that may include executable commands.
  - Ingestion points: The 'service' argument and high-level request inputs defined in 'SKILL.md'.
  - Boundary markers: The provided metadata and scripts do not define delimiters or instructions to isolate user-provided data from the generation templates.
  - Capability inventory: The skill is designed to output Markdown content containing ordered procedure steps and rollback instructions as defined in 'scripts/types/generator.ts'.
  - Sanitization: No sanitization or validation logic for user-provided strings is present in the available files.