devops-specialist
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill defines a high-risk attack surface by combining data ingestion with high-privilege system modifications.
  - Ingestion points: The 'Devops Troubleshooter' capability (deployment_devops-troubleshooter.md) explicitly involves 'analyzing logs' and 'fixing deployment failures,' both of which consume attacker-controllable data.
  - Boundary markers: The provided SKILL.md contains no explicit boundary markers and no instructions to ignore commands embedded in logs or outputs.
  - Capability inventory: The 'Deployment Engineer' (deployment_deployment-engineer.md) and tool-specific sections (Terraform, AWS, Kubernetes) provide the agent with the ability to execute commands, modify infrastructure, and alter CI/CD pipelines.
  - Sanitization: There is no evidence of sanitization or validation protocols for the external data being analyzed.
- [Command Execution] (MEDIUM): The skill is designed to facilitate the use of powerful CLI tools (AWS CLI, GCP CLI, Ansible). While intended for DevOps automation, this capability allows for significant system impact if the agent's logic is subverted through malicious input.
- [No Code] (INFO): The provided SKILL.md file contains no executable code or scripts itself, acting only as a navigational guide to other resource files.
Recommendations
- AI detected serious security threats