debug-rhel
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses SSH to execute diagnostic commands like systemctl status, journalctl, and firewall-cmd on remote RHEL systems. These operations are intended for troubleshooting and require user-confirmed credentials.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface. 1. Ingestion points: journalctl logs and ausearch output (SKILL.md, Phase 4 and 5). 2. Boundary markers: Markdown triple backticks are used to delimit log data. 3. Capability inventory: The agent can execute SSH commands and suggest remediation via sudo. 4. Sanitization: No explicit log filtering or sanitization is mentioned.
Audit Metadata