endor-policy
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads and runs the endorctl package from the NPM registry using npx at runtime.
- [COMMAND_EXECUTION]: Executes shell commands via npx to interact with the Endor Labs API for creating and listing security policies.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to the way it handles external input.
  - Ingestion points: Processes user-provided data for policy names, descriptions, filters, and exception justifications in SKILL.md.
  - Boundary markers: Lacks explicit delimiters or instructions to prevent the execution of malicious instructions embedded within interpolated variables.
  - Capability inventory: Has the capability to execute shell commands and modify organizational security settings.
  - Sanitization: There is no evidence of sanitization or escaping of user input before it is used in shell command arguments or JSON payloads.
Audit Metadata