ansible-convert
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted input data (shell scripts and Dockerfiles) to generate executable code (Ansible playbooks), which creates a vulnerability surface for indirect injection. 1. Ingestion points: User-provided shell scripts and Dockerfile instructions. 2. Boundary markers: Absent; there are no instructions for the agent to use delimiters or ignore instructions embedded within the source material. 3. Capability inventory: The agent generates functional infrastructure-as-code (Ansible). 4. Sanitization: Absent; no methodology is provided to sanitize or validate input content before conversion.
- No Executable Code (SAFE): The skill consists solely of markdown-based documentation and examples. It does not include Python scripts, Node.js packages, or any other executable files, minimizing the host-level attack surface.
Audit Metadata