clay-migration-deep-dive

Warn

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes instructions to execute high-privilege Kubernetes commands that modify deployment environments and trigger service restarts (e.g., kubectl set env, kubectl rollout restart).
  • [EXTERNAL_DOWNLOADS]: The skill installs the @clay/sdk package from the public NPM registry.
  • [PROMPT_INJECTION]: The skill performs discovery by scanning the local codebase for string patterns using grep, creating an indirect prompt injection surface where instructions hidden in the code could influence agent behavior. Evidence:
      1. Ingestion: implementation-guide.md (grep operations).
      2. Boundary markers: Absent.
      3. Capability inventory: kubectl, npm install, Write, Edit.
      4. Sanitization: Absent.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 25, 2026, 04:41 PM