sre-engineer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest and analyze external data such as incident reports, system architecture, and monitoring metrics, which creates a surface for indirect prompt injection attacks. Malicious instructions embedded in these data sources could potentially influence the generation of automation scripts.\n
- Ingestion points: SKILL.md specifies that the agent should assess architecture, SLOs, and incident reports.\n
- Boundary markers: There are no defined delimiters or instructions to ignore potential commands within the ingested data.\n
- Capability inventory: SKILL.md explicitly directs the agent to generate automation scripts in Python, Go, and Terraform.\n
- Sanitization: No input validation or content escaping logic is described to protect the script generation process from malicious data interpolation.
Audit Metadata