openssl-cli
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Provides instructions for using the openssl CLI to perform cryptographic operations like key generation, CSR creation, and certificate format conversion.
- [EXTERNAL_DOWNLOADS]: Includes the s_client command to connect to remote servers and fetch certificate chains for inspection.
- [PROMPT_INJECTION]: Indirect prompt injection surface exists when the agent processes data from external sources (remote certificates) or local files. 1. Ingestion points: Remote certificates from s_client and local certificate files (.pem, .crt, .p12). 2. Boundary markers: No explicit delimiters or instructions to ignore embedded content are provided in the command examples. 3. Capability inventory: The skill enables file system writing (key generation), network connectivity (s_client), and shell processing via CLI utilities. 4. Sanitization: No sanitization of certificate fields is mentioned prior to the agent processing the output.
Audit Metadata