caira

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Retrieves architectural designs, documentation, and Terraform module configurations from the Microsoft CAIRA repository on GitHub. These operations target a trusted organization and utilize a well-known service.
  • [COMMAND_EXECUTION]: Provides a curl command template to fetch the latest release tag from the GitHub API, which is used to ensure infrastructure code is pinned to stable versions.
  • [PROMPT_INJECTION]: Identifies a surface for indirect prompt injection as the skill ingests content from an external repository.
      • Ingestion points: The skill fetches data from microsoft/CAIRA via the GitHub API (referenced in SKILL.md and caira-file-mapping.md).
      • Boundary markers: No explicit delimiters are used to separate repository content from agent instructions.
      • Capability inventory: The skill performs network requests via curl and handles file scaffolding logic.
      • Sanitization: No specific filtering or escaping of repository data is implemented before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 2, 2026, 08:42 PM