managing-infra
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Infrastructure Best Practices (SAFE): The skill provides high-quality guidance on security, including non-root container users, read-only filesystems, dropped Kubernetes capabilities, and pinning GitHub Actions by SHA.
- Indirect Prompt Injection (LOW): The skill enables an attack surface for indirect injection as it processes local directory contents using powerful infrastructure tools like `kubectl`, `terraform`, and `helm`.
  - Ingestion points: Local file system (templates/ and user-provided directories processed by the bash tool).
  - Boundary markers: Absent; no explicit instructions for the agent to verify the contents of the files before applying them to infrastructure.
  - Capability inventory: Use of `Bash` to execute `kubectl apply`, `helm upgrade`, and `terraform apply` (SKILL.md, MAKEFILE.md, TERRAFORM.md).
  - Sanitization: Absent; the skill assumes the provided infrastructure manifests are trustworthy.
- Credentials (SAFE): Examples in KUBERNETES.md use generic placeholders like `postgres://user:pass@host/db`, which is standard illustrative documentation and does not constitute a secret exposure.