flux-gitops-setup
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (COMMAND_EXECUTION, PROMPT_INJECTION, NO_CODE)
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill enables the Bash tool to facilitate DevOps automation. Shell access allows for arbitrary command execution on the host system, which could be exploited if the agent is manipulated into running malicious scripts derived from untrusted input.
- [PROMPT_INJECTION] (HIGH): The skill is vulnerable to Indirect Prompt Injection (Category 8). It is designed to ingest and process external GitOps configurations but lacks mandatory security measures:
  - Ingestion points: Processes external Git repositories and Helm charts.
  - Boundary markers: None present in the skill definition.
  - Capability inventory: Includes Bash, Write, and Edit tools.
  - Sanitization: No logic is provided to filter or escape instructions embedded within external data.
- [NO_CODE] (LOW): The skill is implemented as a set of instructions rather than executable scripts. However, the high-trust environment it operates in (Kubernetes/IaC) elevates the risk associated with these instructions.
Recommendations
- AI detected serious security threats