Skills
skills/prowler-cloud/prowler/prowler-attack-paths-query/Gen Agent Trust Hub

prowler-attack-paths-query

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches attack path definitions and schema documentation from well-known technology and research repositories.
  • Evidence: Downloads from raw.githubusercontent.com/DataDog/pathfinding.cloud, raw.githubusercontent.com/cartography-cncf/cartography, and raw.githubusercontent.com/prowler-cloud/cartography.
  • [COMMAND_EXECUTION]: Employs Bash commands to fetch and parse remote data using curl piped into jq or python3.
  • Evidence: Execution of curl -s ... | jq and curl -s ... | python3 -c "..." to extract specific JSON objects from a large dataset.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests external data for use in code generation templates.
  • Ingestion points: External JSON from pathfinding.cloud and schema markdown from cartography repositories (SKILL.md).
  • Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the fetched data.
  • Capability inventory: The agent has access to Edit, Write, and Bash tools allowing modification of the local codebase and execution of system commands.
  • Sanitization: No explicit validation or escaping of the fetched external content is described before its interpolation into generated Python and Cypher code.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 03:41 PM