cx-slos
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes system commands using the cx CLI tool and jq to manage SLO definitions and process structured data.
- [PROMPT_INJECTION]: The skill processes data from external JSON files via the --from-file flag, creating a surface for indirect prompt injection. Ingestion points: JSON definitions read by the cx slos create and cx slos update commands. Boundary markers: The skill does not provide delimiters or instructions for the agent to distinguish between data and potential commands within these files. Capability inventory: The skill can execute shell commands and perform file redirection. Sanitization: No sanitization or validation logic is defined for the content of the ingested files.
Audit Metadata