Skills
skills/grandcamel/confluence-assistant-skills/confluence-admin/Gen Agent Trust Hub

confluence-admin

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses a CLI tool confluence admin to perform administrative tasks such as creating/deleting groups (group create, group delete) and managing user memberships (group add-user, group remove-user). These commands are standard for Confluence administration.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). It ingests untrusted data from Confluence, including user names, email addresses, and space descriptions, which are interpolated into the agent's context.
  • Ingestion points: User search results, group member lists, and space settings (SKILL.md).
  • Boundary markers: None identified in the provided documentation.
  • Capability inventory: Subprocess execution of the confluence CLI tool for both read and write operations.
  • Sanitization: No explicit sanitization or validation of the ingested Confluence data is described.
Audit Metadata
Risk Level
SAFE
Analyzed
May 3, 2026, 07:14 PM