chaos-engineering-resilience
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of high-impact infrastructure operations, including pod termination, node draining, and network latency injection using tools such as
kubectl,tc, andChaos Monkey. These actions are core to the skill's purpose of validating system fault tolerance and are well-documented. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface through the processing of natural language chaos scenarios.
- Ingestion points: The
scenariofield inevals/chaos-engineering-resilience.yamlaccepts untrusted natural language descriptions that drive agent behavior. - Boundary markers: No specific delimiters or instructions to ignore embedded malicious prompts were identified in the scenario processing logic.
- Capability inventory: Agents possess significant permissions to modify infrastructure, manipulate network traffic, and exhaust system resources.
- Sanitization: No evidence of input validation or sanitization was found for the natural language scenarios before they are interpreted for task execution.
Audit Metadata