devops-engineer

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes numerous shell commands for container orchestration, build processes, and database management using tools like kubectl, docker, npm, and psql. These are standard operations for a DevOps role.
  • [EXTERNAL_DOWNLOADS]: Deployment workflows describe downloading software packages and container images from well-known technology providers and public registries.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection via the log monitoring workflow. Application logs read by the agent could contain malicious data intended to manipulate agent responses.
      • Ingestion points: Log monitoring in workflows/deployment.md.
      • Boundary markers: No delimiters are specified to separate untrusted log data from agent instructions.
      • Capability inventory: The agent has high-privilege access to infrastructure management tools.
      • Sanitization: No mechanisms for sanitizing or filtering log content are mentioned.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 08:16 AM