nginx-configuration
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill uses the Bash tool to execute system service commands including 'systemctl', 'nginx', and 'journalctl'. These are standard for Nginx server management and align with the skill's primary purpose.
- [DATA_EXPOSURE] (SAFE): The skill accesses standard Nginx paths like /etc/nginx/ and /var/log/nginx/. No evidence of unauthorized sensitive data access or exfiltration was found.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill is a surface for indirect injection if user-provided configuration values (like server_name or upstream targets) are not properly sanitized before being written to configuration files.
- Ingestion points: User-provided configuration parameters for Nginx directives.
- Boundary markers: None present in the provided templates.
- Capability inventory: Read, Write, Edit, Bash tools are enabled.
- Sanitization: No explicit validation or escaping of user input is implemented within the provided templates.
Audit Metadata