detecting-shadow-api-endpoints
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The Python scripts utilize
yaml.safe_load()for parsing OpenAPI specifications, which effectively mitigates security risks associated with untrusted YAML data deserialization. - [SAFE]: File system operations are appropriately scoped to reading local access logs and writing discovery reports, with no evidence of unauthorized access to sensitive files or system configurations.
- [SAFE]: Shell commands provided for cloud infrastructure auditing and repository scanning leverage established tools such as the AWS CLI, grep, and yq for their intended security analysis purposes.
- [SAFE]: No data exfiltration patterns, hardcoded credentials, persistence mechanisms, or prompt injection attempts were identified in the analyzed instructions or code.
- [SAFE]: While the skill processes untrusted log data, its logic is restricted to regex-based extraction and keyword matching, which does not introduce a viable vector for indirect prompt injection or code execution from the input data.
Audit Metadata