fusion-infra-cli

Pass

Audited by Gen Agent Trust Hub on Jul 5, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the finf CLI tool as a .NET global tool from a vendor-owned NuGet feed on Azure DevOps (statoil-proview.pkgs.visualstudio.com). This is a standard and expected operation for obtaining the necessary tooling for this skill.
  • [COMMAND_EXECUTION]: The skill utilizes the finf command-line utility to perform infrastructure management tasks, such as database provisioning and migration execution, which involves running shell commands with user-supplied arguments.
  • [PROMPT_INJECTION]: The skill handles untrusted data from JSON configuration files and SQL migration scripts, creating an indirect prompt injection surface where malicious instructions could potentially be embedded in the data.
  • Ingestion points: The skill reads configuration from db-config.json and migration content from SQL files in a specified directory (SKILL.md).
  • Boundary markers: Absent. There are no instructions to the agent to use delimiters or ignore embedded instructions when processing these external files.
  • Capability inventory: The skill has the capability to execute shell commands (finf), provision cloud infrastructure (databases), and execute SQL code (migrations).
  • Sanitization: Absent. The skill documentation does not mention any validation or sanitization steps for the content within the configuration or migration files before they are processed by the CLI tool.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 5, 2026, 09:08 AM
Security Audit — agent-trust-hub — fusion-infra-cli