log-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes instructions for the Bash tool to execute
docker execandpscommands to interact with the container for diagnostics and log extraction. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it reads and processes log files that may contain untrusted data from external network sources.
- Ingestion points: Reads log files from
/storage/usbdisk1/mikopbx/log/via container execution and from a local vendor-specific path. - Boundary markers: No explicit delimiters or safety instructions are used to isolate log content from the agent's control context.
- Capability inventory: The skill utilizes Bash, Read, Grep, and Glob tools which permit command execution and file reading.
- Sanitization: No input validation or output filtering is applied to the log content before it is processed by the agent. Note: All identified resources, including file paths and process names, are consistent with legitimate vendor-provided tools for MikoPBX.
Audit Metadata