write-configs
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No prompt injection or behavior override patterns were detected. The instructions are focused on operational formatting for FortiOS CLI.
- [DATA_EXFILTRATION]: No sensitive file access, network requests, or hardcoded credentials were found. The skill explicitly warns against copying encrypted secrets from configuration snapshots and uses placeholders for sensitive values.
- [OBFUSCATION]: No hidden characters, encoded payloads, or obfuscation techniques were identified.
- [REMOTE_CODE_EXECUTION]: The skill contains no code or external script downloads. It is entirely composed of markdown-based guidance.
- [COMMAND_EXECUTION]: No shell commands or system-level execution patterns were found. The skill provides CLI templates for a third-party firewall system (FortiGate) to be manually reviewed and applied by a user.
- [PRIVILEGE_ESCALATION]: No attempts to escalate privileges or bypass system security were found. The skill recommends using secure protocols (SSH/HTTPS) over insecure ones (Telnet).
- [INDIRECT_PROMPT_INJECTION]: The skill advises the agent to read existing configurations to inform new ones, creating a minor surface for indirect injection if the existing configuration contains malicious metadata. However, the skill provides structural guidelines and security constraints that mitigate risk, and it generates text for human review rather than automatic execution.
- [SAFE]: The skill follows security best practices for network configuration, including requirements for strong cryptographic standards (IKEv2, AES256, SHA256, DH Group 14+) and the explicit prohibition of insecure legacy protocols.
Audit Metadata