Skills
skills/davepoon/buildwithclaude/ops-fires/Gen Agent Trust Hub

ops-fires

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses dynamic context injection via the !command`` syntax to execute local binaries (ops-infra, ops-ci, and ops-external) from the plugin's bin directory at load time to populate the dashboard data.
  • [COMMAND_EXECUTION]: Orchestrates various CLI tools including aws, gh, and sentry-cli through the Bash and Monitor tools to investigate service health and stream logs.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by processing external data from Sentry error logs and project health checks. Evidence chain: 1. Ingestion points: Sentry issue descriptions and ops-external output; 2. Boundary markers: Absent; 3. Capability inventory: Bash, Agent, and TaskUpdate tools; 4. Sanitization: Absent. Risk is mitigated by the use of AskUserQuestion to confirm agent dispatch and fixes.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 06:48 AM