sap-btp-integration-suite
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No attempts to override agent behavior, bypass safety guidelines, or extract system prompts were detected. The instructions are strictly focused on technical documentation for SAP BTP.
- [DATA_EXFILTRATION]: No patterns of unauthorized data access or exfiltration were found. Network references and documentation links point exclusively to official SAP domains (sap.com) and well-known, trusted technology services.
- [REMOTE_CODE_EXECUTION]: The skill does not contain instructions to download or execute scripts from untrusted remote sources. It correctly directs users toward official SAP repositories and help portals.
- [CREDENTIALS_UNSAFE]: No hardcoded credentials, API keys, or secrets were found. The documentation and templates follow security best practices by instructing users to use SAP's secure credential artifacts (e.g., SecureStoreService) and providing clear placeholders like 'CredentialName' or '{{AUTHOR}}'.
- [COMMAND_EXECUTION]: The skill includes references to standard CLI tools (kubectl, cf logs) and lists the Bash tool in its allowed-tools configuration. These are used in a benign, instructional context appropriate for developers managing enterprise cloud environments.
- [DYNAMIC_EXECUTION]: The provided Groovy and XML templates represent standard SAP Integration Suite patterns. The documentation explicitly advises against unsafe practices like using the 'Eval' class, demonstrating a focus on security best practices.
Audit Metadata