gitops-workflow
Warn
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: MEDIUM (PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [PROMPT_INJECTION]: The 'Memory Protocol' section in 'SKILL.md' includes mandatory instructions that override standard agent behavior by requiring interaction with specific local file paths (e.g., 'C:\dev\projects\agent-studio.claude\context\memory\learnings.md'). This is a behavioral override designed to force persistence through direct host filesystem manipulation.
- [COMMAND_EXECUTION]: Documentation within 'SKILL.md' and 'references/argocd-setup.md' contains examples of commands that execute remote scripts with elevated privileges, specifically 'curl -s https://fluxcd.io/install.sh | sudo bash'. While the source is a well-known service, the execution pattern remains high-risk.
- [EXTERNAL_DOWNLOADS]: The skill fetches installation scripts and Kubernetes manifests from official and well-known sources including FluxCD (fluxcd.io) and ArgoCD (argoproj GitHub repository).
Audit Metadata