Skills
skills/rhecosystemappeng/agentic-collections/vm-clone/Gen Agent Trust Hub

vm-clone

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface identified. 1. Ingestion points: User-provided VM names, namespaces, and VM specifications retrieved via the resources_get tool in SKILL.md. 2. Boundary markers: Absent from the workflow instructions. 3. Capability inventory: Ability to create or update VirtualMachine and PVC resources using resources_create_or_update in SKILL.md. 4. Sanitization: Not explicitly documented for input strings.
  • [DATA_EXFILTRATION]: The skill uses the KUBECONFIG environment variable for cluster access and includes explicit security warnings in SKILL.md to prevent the exposure of path or credential values.
  • [EXTERNAL_DOWNLOADS]: The skill references the openshift-virtualization MCP server and official documentation from Red Hat and Kubernetes. These references target well-known and trusted services.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 04:04 PM