agent-ai-ml-ops-specialist
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill configuration defines a legitimate specialist persona without introducing malicious logic or bypass instructions.
- [COMMAND_EXECUTION]: The skill provides illustrative bash commands for ML tools (MLflow, Feast, BentoML) intended for reference; no arbitrary or dangerous command execution was identified.
- [PROMPT_INJECTION]: The skill has a structural vulnerability to indirect prompt injection due to its operational design. Evidence: (1) Ingestion points: The agent uses WebSearch and WebFetch for external data and is instructed to read ~/.claude/skills/ai-ml-ops/SKILL.md. (2) Boundary markers: No explicit delimiters are present in the instructions. (3) Capability inventory: The agent has access to the Bash, Write, and Edit tools. (4) Sanitization: No content validation is specified. This risk is inherent to the agent's research-oriented role and is assessed as safe in this context.
- [EXTERNAL_DOWNLOADS]: The agent is equipped with standard web-fetching capabilities used for information retrieval; no automated remote script execution patterns were found.