devops-troubleshooter
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill possesses a significant vulnerability surface where untrusted data could influence high-privilege operations.
- Ingestion points: The skill is designed to ingest and analyze external data from monitoring tools like ELK and Datadog, including logs, metrics, and traces (SKILL.md).
- Boundary markers: Absent; there are no instructions to the agent to treat external log content as data rather than instructions.
- Capability inventory: The skill specifies capabilities for deployment rollbacks, emergency hotfix implementation, and container debugging via kubectl (SKILL.md).
- Sanitization: Absent; no validation or escaping of log content is described.
- [Command Execution] (MEDIUM): The skill focuses on generating and executing system-level troubleshooting and hotfix commands. While expected for a DevOps role, the potential for executing commands derived from untrusted log data increases the risk profile.
Recommendations
- AI detected serious security threats
Audit Metadata