experiment-queue

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Orchestrates job execution on remote servers by constructing and running shell commands through SSH based on user-defined manifests.
  • [REMOTE_CODE_EXECUTION]: Executes a background management script on remote SSH hosts to handle scheduling and monitoring.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it builds execution manifests from natural-language descriptions. It has no boundary markers to delimit untrusted input and specifies no sanitization for variables interpolated into shell commands. Ingestion points: natural-language experiment descriptions and manifest files. Boundary markers: absent. Capability inventory: powerful shell execution via Bash and SSH tools. Sanitization: no explicit escaping or validation of user-provided grid parameters before they are interpolated into command strings.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 19, 2026, 03:14 AM