temporal
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of administrative commands via the
temporalCLI andkubectl. It enables operations such as terminating, resetting, and cancelling workflows, as well as fetching worker logs. These capabilities are consistent with the skill's primary purpose of workflow operations. - [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks due to the ingestion of untrusted data from external sources.
- Ingestion points: Workflow history JSON data (via
temporal workflow showinSKILL.md) and container logs (viakubectl logsinassets/temporal-triage.md). - Boundary markers: No delimiters or instructions are provided to the agent to ignore embedded commands in ingested data.
- Capability inventory: The agent has high-privilege access to the Temporal cluster (can cancel/terminate/reset) and can execute repository scripts via
bun run. - Sanitization: No sanitization or validation of the fetched history or log data is performed before analysis.
Audit Metadata