apache-airflow-orchestration
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- Category 8: Indirect Prompt Injection (SAFE): The documentation indicates that the skill was developed by fetching data from the trusted 'apache/airflow' repository. This design-time data ingestion is from a verified source and does not represent a runtime vulnerability. * Ingestion point: apache/airflow documentation. * Boundary markers: Not specified in the summary report. * Capability inventory: Support for BashOperator, PythonOperator, and Kubernetes execution. * Sanitization: Not specified.
- Automated Scanner Alert (SAFE): The reported malicious URL 'logger.info' is a false positive of a standard Python logging method. This string does not appear in the provided validation summary file and no actual network communication to this address is evidenced.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata