devops-engineer

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill provides scripts and workflows that ingest untrusted data from external sources such as application logs and Prometheus metrics.
      • Ingestion points: references/incident-response.md (functions using kubectl logs and prometheus_api_client queries).
      • Boundary markers: Absent in example scripts.
      • Capability inventory: kubectl (rollout, exec, set image), git (push/clone), and gh (repo management) across multiple reference files.
      • Sanitization: No explicit sanitization of log content or metric labels before processing.
  • [Command Execution] (LOW): The skill contains references to high-privilege commands like kubectl exec and tcpdump for incident forensics in references/incident-response.md. These findings are downgraded to LOW as they are intrinsic to the primary DevOps/SRE purpose.
  • [External Downloads] (LOW): The skill references standard industry tools (git, gh, kubectl) and trusted GitHub Actions (actions/checkout, docker/setup-buildx-action). These align with the [TRUST-SCOPE-RULE] and are consistent with DevOps workflows.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:43 PM