buildgit
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection due to its core functionality of processing external build data.
- Ingestion points: Untrusted data from Jenkins console logs and test reports enters the agent context via the API fetching functions in
scripts/lib/jenkins-common/api_test_results.sh. - Boundary markers: Absent. The skill displays build output and log summaries to the agent without using delimiters or instructions to ignore potential commands embedded in the build logs.
- Capability inventory: The skill can execute significant commands including
git push(inscripts/buildgit) and authenticated network requests to trigger Jenkins builds (inscripts/lib/jenkins-common/api_test_results.sh). - Sanitization: Partial. The skill performs technical sanitization such as stripping ANSI escape sequences (in
scripts/lib/jenkins-common/failure_analysis.sh) and HTML tags (inscripts/lib/jenkins-common/api_test_results.sh), but it lacks semantic filtering for adversarial prompt patterns.
Audit Metadata