Backstage Custom Resource
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill ingests user requirements to generate Kubernetes manifests, specifically supporting strategic merge patches in the deployment.patch field. This presents a risk where malicious user input could lead to the generation of dangerous deployment configurations. 1. Ingestion points: User requirements provided during the CR creation workflow described in SKILL.md. 2. Boundary markers: None identified in the skill instructions to delimit user input from system instructions. 3. Capability inventory: Generation of Kubernetes API objects, including workload patches, volume mounts, and environment variables. 4. Sanitization: No explicit sanitization or validation logic is present for the user-provided configuration values.
Audit Metadata