soc-operations
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill ingests external content such as alert notes and indicators of compromise (IOCs). This untrusted data could attempt to influence the agent's summaries or reports. Given the skill is for report generation and display, the risk is assessed as low.\n
- Ingestion points: Data provided to
AlertTriageandShiftHandoverclasses as described inreferences/REFERENCE.md.\n - Boundary markers: None identified. The documentation does not specify delimiters for external content.\n
- Capability inventory: Report generation, KPI calculation, and structured documentation; no shell or network capabilities are documented.\n
- Sanitization: The API reference does not mention sanitization of input strings.\n- Missing Logic (NO_CODE): The implementation file
soc_utils.pyis referenced throughout the documentation but is not included in the provided skill package.
Audit Metadata