devops-infrastructure
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses `sudo` for essential server hardening tasks like configuring the `ufw` firewall, installing `fail2ban`, and managing system services. These actions are appropriate for the primary role of a DevOps infrastructure skill.
- [EXTERNAL_DOWNLOADS]: References well-known Docker images (Node, PHP, MySQL, Redis) and official or widely recognized GitHub Actions (`actions/checkout`, `appleboy/ssh-action`) for standard deployment pipelines.
- [PROMPT_INJECTION]: The skill identifies a vulnerability surface for indirect prompt injection by reading repository configuration files.
  - Ingestion points: Processes `Dockerfile`, `docker-compose.yml`, and `.github/workflows` via `Read`, `Grep`, and `Glob` tools.
  - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are defined.
  - Capability inventory: The agent maintains high-privilege access via `Bash` and system-level `Edit` capabilities.
  - Sanitization: No content validation or sanitization of configuration files is implemented.
Audit Metadata