devops-engineer

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides numerous scripts and templates that execute system commands via kubectl, terraform, and the GitHub CLI to manage infrastructure, deployments, and incident response. One script performs automated rollbacks based on external Prometheus data.
  • [CREDENTIALS_UNSAFE]: A development Docker Compose template in the references contains default hardcoded credentials (user/pass) for a local database.
  • [EXTERNAL_DOWNLOADS]: Documentation and CI/CD templates include steps to download and install packages from public registries using tools like npm, pip, and poetry.
  • [PROMPT_INJECTION]: The skill has a vulnerability surface for indirect prompt injection.
    1. Ingestion points: Natural language requests for CI/CD tasks and metrics data from Prometheus (references/incident-response.md).
    2. Boundary markers: The SKILL.md includes a safety guard warning against executing destructive commands without confirmation.
    3. Capability inventory: The skill utilizes kubectl, terraform, docker, and gh CLI for administrative operations across various reference files.
    4. Sanitization: No explicit input sanitization or validation is present in the script templates.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 26, 2026, 01:29 AM