pipeline-evaluator
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to collect and analyze internal agent metrics to generate performance reports. It does not perform network requests, access sensitive system credentials, or execute external code.
- [INDIRECT_PROMPT_INJECTION]: The skill contains a data ingestion surface as it processes metadata generated by other agent tasks. 1. Ingestion points: Reads task
summary,deviations, andtestResultfields via theTaskGettool and project plan files via theReadtool. 2. Boundary markers: None identified; the skill assumes task metadata adheres to expected scoring formats. 3. Capability inventory: The skill usesTaskList,TaskGet, andReadtools. It also writes evaluation reports to the.claude/context/reports/directory. 4. Sanitization: The skill uses logic-based parsing (e.g., extracting pass/fail counts from strings) rather than executing data content, which limits the risk of instruction obedience from malicious metadata.
Audit Metadata