import-pulumi
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [No Code] (SAFE): The skill consists solely of a markdown instruction file (SKILL.md) and does not include any executable scripts, binaries, or automated command execution logic.
- [Command Execution] (SAFE): The skill provides templates for shell commands to be run by the user or an agent. It does not perform any autonomous execution of these commands.
- [Prompt Injection] (SAFE): No instructions were found that attempt to bypass safety filters, extract system prompts, or override agent behavior.
- [Data Exposure] (SAFE): No hardcoded credentials or sensitive file access patterns were detected. The file paths referenced (e.g., infra/src/stacks/*.ts) are internal to the Pulumi project structure and are accessed to resolve resource names.
- [Indirect Prompt Injection] (SAFE): The skill defines a surface for processing user-provided metadata (Project ID, Resource Name) to build command strings. However, since the skill is a guide and relies on standard delimiters, the risk is negligible and aligned with its primary purpose.
Audit Metadata