grey-haven-incident-response
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill requests access to the Bash and WebFetch tools in its metadata. While these are powerful, they are contextually appropriate for an SRE incident response skill intended to diagnose production issues. The templates provide placeholder commands (e.g., kubectl, curl) for documentation purposes rather than automated execution.
- [NO_CODE] (SAFE): The skill consists entirely of Markdown documentation and templates. No executable Python or JavaScript scripts are included in the package.
- [DATA_EXFILTRATION] (SAFE): No hardcoded credentials or attempts to exfiltrate sensitive files were detected. Use of placeholders like '[API KEY]' is restricted to documentation examples.
- [INDIRECT_PROMPT_INJECTION] (LOW): Surface analysis: (1) Ingestion: The skill is designed to process external data like logs and metrics. (2) Boundary markers: Templates use structured headers and placeholders. (3) Capabilities: High (Bash, WebFetch, Write). (4) Sanitization: No active sanitization is defined in the static templates. Risk is minimal and inherent to the intended SRE use case.
Audit Metadata