
secops-triage

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill is exposed to indirect prompt injection because it processes external, untrusted content while holding write and decision-making privileges (closing cases).
      • Ingestion points: Data is ingested in SKILL.md via tools like get_case (reading alert/case descriptions) and udm_search/search_security_events (reading raw SIEM logs).
      • Boundary markers: Absent. There are no delimiters or instructions to treat the ingested case/log data as untrusted text rather than instructions.
      • Capability inventory: The skill uses execute_bulk_close_case to perform side effects and create_case_comment to document reasoning based on the ingested data.
      • Sanitization: No logic is provided to sanitize or filter the content of the alerts or logs before processing.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 08:41 AM