remediation
Warn
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill manages the execution of Ansible playbooks through the /playbook-executor sub-skill to remediate vulnerabilities on remote systems.
- Evidence: Step 5 (Execute Playbook) triggers the execution phase using the Ansible Automation Platform (AAP) integrations.
- [REMOTE_CODE_EXECUTION]: The skill workflow involves the dynamic generation of code (Ansible playbooks) by one component and its execution by another.
- Evidence: The instructions describe generating a playbook in Step 4 and executing it in Step 5.
- Mitigation: The skill requires mandatory human verification of the playbook content and remediation plan before any execution occurs.
- [PROMPT_INJECTION]: The skill processes user-supplied data such as CVE IDs and system lists that could potentially contain malicious instructions intended to influence the generated output.
- Ingestion points: User-provided CVE identifiers and system context gathered in SKILL.md.
- Boundary markers: No explicit delimiter markers are specified in the prompt templates.
- Capability inventory: The skill can trigger remote system modifications and file writes via its orchestration of sub-skills.
- Sanitization: Employs a dedicated validation step (Step 2) and relies on manual user review of generated content.
- [EXTERNAL_DOWNLOADS]: The skill relies on external MCP servers for data retrieval and task execution.
- Evidence: The skill requires lightspeed-mcp, aap-mcp-job-management, and aap-mcp-inventory-management servers.
- Context: These are trusted vendor-managed resources necessary for the skill's intended operation.
Audit Metadata