service-health-check
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing external data from multiple sources to build its service manifest and evaluate health.
- Ingestion points: The skill reads service definitions and process patterns from
services.jsonin the project root and monitors status files located in/tmp/. - Boundary markers: There are no explicit delimiters or instructions provided to the agent to distinguish between valid data and potentially malicious natural language instructions embedded within these external JSON or configuration files.
- Capability inventory: The skill has the capability to execute shell commands including
pgrep,ss, andgrepvia the Bash tool to perform its checks. - Sanitization: While the instructions include logic to validate port numbers and identify broad process patterns, there is no explicit sanitization of string content from external files before it is used in command interpolation or generated reports.
Audit Metadata