Skills
skills/tomlord1122/tomtom-skill/cloud-architect/Gen Agent Trust Hub

cloud-architect

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses bash scripts to execute standard cloud infrastructure CLI tools.
  • validate-helm.sh executes helm lint and helm template to verify Kubernetes manifests.
  • validate-terraform.sh executes terraform init, terraform validate, and terraform fmt to verify infrastructure-as-code.
  • These commands are consistent with the skill's primary purpose and use secure array-based argument handling in the shell scripts to prevent shell injection.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes and displays the contents of user-provided Helm charts and Terraform files.
  • Ingestion points: The skill reads directory paths and file contents via script arguments (CHART_PATH, TF_DIR).
  • Boundary markers: There are no explicit delimiters or instructions to the LLM to ignore embedded content in the script output.
  • Capability inventory: The skill has the ability to execute subprocesses and read file outputs.
  • Sanitization: While the scripts prevent shell injection, the output of rendered templates is returned directly to the agent's context without sanitization, which could contain instructions intended to influence the LLM.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 25, 2026, 03:45 PM