infrastructure-engineer
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches company synchronization data from the vendor-owned domain
https://wazoo.dev. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting external JSON-LD data to synchronize context.
- Ingestion points: External fetch of
https://wazoo.devdefined inSKILL.md. - Boundary markers: No delimiters or ignore instructions are provided for the ingested data.
- Capability inventory: CI/CD pipeline management, IaC automation, and access control as described in
SKILL.md. - Sanitization: No explicit validation or sanitization logic is present for the remote graph data.
Audit Metadata