yq-yaml-processing
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is designed to ingest and process untrusted YAML data from various sources.\n
- Ingestion points: The skill reads and transforms external configuration files including Kubernetes manifests (
deployment.yaml), GitHub Actions workflows (.github/workflows/*.yml), and Helm charts (values.yaml).\n - Boundary markers: There are no instructions to use delimiters or ignore instructions that might be embedded within the YAML files being processed.\n
- Capability inventory: The skill utilizes tools like 'Bash(yq *)', 'Write', and 'Edit', allowing it to modify system configurations based on processed data.\n
- Sanitization: The skill does not implement or suggest sanitization or validation of the YAML content to prevent the execution of instructions contained within the data fields.
Audit Metadata