buildkite
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The script/setup file installs the Buildkite CLI and jq utility via Homebrew. Buildkite is a well-known service and the sources are its official GitHub repositories. These operations are considered safe as they use trusted infrastructure.
- [PROMPT_INJECTION]: The skill exhibits vulnerability to indirect prompt injection by processing external build data.
- Ingestion points: Output from bk job log JOB_ID and bk build view.
- Boundary markers: Absent; there are no delimiters or instructions to ignore embedded instructions in logs.
- Capability inventory: The agent has access to state-changing operations via bk api (POST/DELETE), bk build create, and bk build rebuild.
- Sanitization: The skill does not escape or validate log content before it is processed by the agent.
Audit Metadata