kro-rgd-pulumi

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: NO_CODE, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [NO_CODE] (HIGH): The skill is missing its core functional files (web-application.ts, database-application.ts, fullstack-application.ts, and multi-environment.ts) referenced in index.ts. This prevents a security audit of the actual resource definitions.
  • [REMOTE_CODE_EXECUTION] (HIGH): Pulumi deployment involves executing code that modifies remote cloud resources. This represents a high-impact capability that could be exploited to provision unauthorized infrastructure if input parameters are influenced by an attacker.
  • [COMMAND_EXECUTION] (MEDIUM): The documentation suggests the use of high-privilege CLI tools (pulumi, kubectl) which require administrative credentials and can perform destructive operations on the environment.
  • [PROMPT_INJECTION] (HIGH): The skill possesses a significant indirect prompt injection surface. It ingests user-controlled data into infrastructure-as-code templates without explicit boundary markers or comprehensive sanitization, coupled with high-privilege modification capabilities.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 04:19 AM