incident-responder
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides procedures for handling security incidents and is defensive in nature. Its requested permissions (fileRead and fileWrite) are consistent with its purpose for auditing logs and cleaning up environments, while the absence of shell or network access significantly limits the potential for abuse.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it is designed to analyze untrusted data sources such as session logs and incident reports. This risk is inherent to security analysis tasks and is mitigated by the skill's restricted capability set. • Ingestion points: Security logs, environment files, and user-provided reports (SKILL.md) • Boundary markers: None identified • Capability inventory: fileRead and fileWrite (SKILL.md) • Sanitization: No explicit logic for sanitizing or filtering instructions from processed data is described.
Audit Metadata