fusion-infra-cli
Pass
Audited by Gen Agent Trust Hub on Jul 5, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
finfCLI tool as a .NET global tool from a vendor-owned NuGet feed on Azure DevOps (statoil-proview.pkgs.visualstudio.com). This is a standard and expected operation for obtaining the necessary tooling for this skill. - [COMMAND_EXECUTION]: The skill utilizes the
finfcommand-line utility to perform infrastructure management tasks, such as database provisioning and migration execution, which involves running shell commands with user-supplied arguments. - [PROMPT_INJECTION]: The skill handles untrusted data from JSON configuration files and SQL migration scripts, creating an indirect prompt injection surface where malicious instructions could potentially be embedded in the data.
- Ingestion points: The skill reads configuration from
db-config.jsonand migration content from SQL files in a specified directory (SKILL.md). - Boundary markers: Absent. There are no instructions to the agent to use delimiters or ignore embedded instructions when processing these external files.
- Capability inventory: The skill has the capability to execute shell commands (
finf), provision cloud infrastructure (databases), and execute SQL code (migrations). - Sanitization: Absent. The skill documentation does not mention any validation or sanitization steps for the content within the configuration or migration files before they are processed by the CLI tool.
Audit Metadata