Skills
skills/ypyt1/all-skills/devops-automator/Gen Agent Trust Hub

devops-automator

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8).
  • Ingestion points: The agent processes user input and context to generate CI/CD and infrastructure code as described in the examples in references/agents/devops-automator.md.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the system prompt.
  • Capability inventory: The agent has access to powerful tools including Bash, Write, Read, and MultiEdit.
  • Sanitization: There is no evidence of input validation or sanitization before processing user data.
  • [COMMAND_EXECUTION]: The skill defines access to the Bash tool in references/agents/devops-automator.md, allowing for arbitrary command execution on the host system to perform DevOps tasks. While intended for automation, this capability increases the risk associated with potential prompt injection.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 01:37 AM