devops-troubleshooter
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to process untrusted external data, creating an attack surface for indirect prompt injection.
- Ingestion points: The instructions explicitly direct the agent to analyze system logs (ELK, Loki), distributed traces (Jaeger, OpenTelemetry), and internal files like
resources/implementation-playbook.md. - Boundary markers: Absent. The prompt does not provide delimiters or instructions to treat data from logs/traces as non-executable text, which could allow an attacker to embed malicious commands in log streams that the agent might follow.
- Capability inventory: The persona claims 'mastery' and assumes access to powerful infrastructure tools, including
kubectl,terraform,ansible, and various cloud platform CLIs (AWS, Azure, GCP), as well as database management and network analysis tools. - Sanitization: Absent. There are no instructions for the agent to sanitize, escape, or validate the data being analyzed before acting upon it.
- [NO_CODE]: The skill consists entirely of Markdown instructions and a persona definition. No executable scripts, binaries, or installation commands are present in the provided file.
Audit Metadata