run-uat
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes repository-local shell scripts (uat-run.sh, generate-demo-artifacts.sh) and a .NET project (Oocx.TfPlan2Md) to manage UAT workflows. These operations are core to the skill's functionality for creating and cleaning up testing environments.\n- [EXTERNAL_DOWNLOADS]: Performs git submodule updates and interacts with GitHub and Azure DevOps platforms via CLI tools (gh, az). These interactions target well-known services and are required for the skill's operation.\n- [PROMPT_INJECTION]: Vulnerable to indirect prompt injection (Category 8) due to processing external data.\n
- Ingestion points: Reads markdown content from files in the artifacts directory and accepts user input via the --instructions flag (SKILL.md).\n
- Boundary markers: Lacks explicit delimiters when interpolating artifact content into PR comments.\n
- Capability inventory: Access to shell execution, .NET runtime, and platform CLI tools with authentication tokens.\n
- Sanitization: No evidence of content validation or escaping before data is posted to external pull requests.
Audit Metadata