mistral-incident-runbook
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell scripts and CLI tools (kubectl, curl, grep) to manage infrastructure during incidents. These actions are within the defined scope of a response runbook and are restricted by the YAML frontmatter configuration.
- [DATA_EXFILTRATION]: Network operations are directed towards official API endpoints (api.mistral.ai), status pages (status.mistral.ai), and local monitoring services (localhost:9090). There is no evidence of unauthorized data transfer to untrusted third-party domains.
- [CREDENTIALS_UNSAFE]: While the skill manages authentication headers via the MISTRAL_API_KEY environment variable, it includes explicit logic to filter out sensitive keys when exporting deployment configurations (using
grep -v api-key) and limits key validation output to non-sensitive prefixes and lengths.
Audit Metadata