ideogram-multi-env-setup
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses AWS, GCP, and Vault CLI tools to retrieve secrets. This usage is well-documented and legitimate for the task of multi-environment configuration.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes data from external configuration files and secret manager outputs.
- Ingestion points: Configuration files (e.g., development.json, production.json) and CLI output from secret managers in SKILL.md.
- Boundary markers: Absent; the instructions do not specify markers to distinguish between system instructions and data content.
- Capability inventory: Bash tools (aws, gcloud, vault), Read, Write, and Edit in SKILL.md.
- Sanitization: Absent; no validation or sanitization is performed on the ingested data before it is used.
Audit Metadata