harbor
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
DATA_EXFILTRATION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- Unverifiable Dependencies (LOW): The skill instructs the agent to install the `harbor` tool using `uv tool install harbor`. The source repository (laude-institute/harbor) is not within the predefined trusted organizations list.
- Data Exposure (LOW): The documentation directs the agent to check `.local-workspace/.env` for sensitive API credentials such as `ANTHROPIC_API_KEY`. While this is standard for tool configuration, it explicitly guides the agent to access files containing secrets.
- Indirect Prompt Injection (LOW): The skill's primary function is to process and execute task definitions which include instructions and scripts.
  - Ingestion points: `tasks/<task-id>/instruction.md` and `tasks/<task-id>/task.toml`.
  - Boundary markers: None specified in the provided documentation.
  - Capability inventory: Shell command execution via `harbor run` (which executes `test.sh` and `solve.sh`).
  - Sanitization: None specified; the framework is designed to execute scripts as part of the evaluation lifecycle.
Audit Metadata