adobe-incident-runbook
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses legitimate CLI tools including curl, kubectl, gcloud, and aws to perform diagnostics and recovery operations. These commands are consistent with the skill's purpose as an SRE runbook.
- [EXTERNAL_DOWNLOADS]: The skill interacts with Adobe's official status page and API endpoints for triage purposes. It also performs health checks against a user-configurable application endpoint. These operations are diagnostic in nature and do not download or execute untrusted code.
- [PROMPT_INJECTION]: The skill ingests external data from system logs and HTTP responses during triage. This presents a theoretical surface for indirect prompt injection (Category 8), but the risk is inherent to the monitoring task and is mitigated by the use of structured parsing tools like jq and json.tool.
- [REMOTE_CODE_EXECUTION]: Automated scans flagged a command piping curl output to python3. Analysis confirms this is using the standard 'python3 -m json.tool' module for JSON formatting, which is a safe operation and not an execution of remote code.
Audit Metadata