observability-sre
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file paths, or network-bound operations were detected in the skill files.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not define any external package dependencies (Python or Node.js) and contains no commands for downloading or executing remote scripts.
- [Prompt Injection] (SAFE): Identity and behavior instructions are aligned with the stated SRE role. No bypass markers or 'ignore previous instructions' patterns were found.
- [Indirect Prompt Injection] (LOW): The skill is designed to analyze user-provided code and configuration files (e.g., Python, Go, YAML). While this constitutes an ingestion point for untrusted data, the skill lacks high-privilege capabilities such as file-system writes or network access, which limits the potential impact of an injection attack.
- [Dynamic Execution] (SAFE): There are no patterns suggesting runtime code generation, compilation, or unsafe deserialization.
Audit Metadata