run-pipeline
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes data from external sources (Harness pipeline configurations and execution logs) and possesses the capability to execute actions like triggering or aborting pipelines.
- Ingestion points: Data enters the context via
harness_get(pipeline details, execution status) andharness_list(input sets, approval instances). - Boundary markers: The instructions do not explicitly define delimiters for tool outputs, but they do include a "Safety" section requiring explicit user confirmation before high-stakes actions like production deployments.
- Capability inventory: The skill can search, list, get details, execute, monitor, approve, retry, and interrupt Harness pipelines and executions across all scripts (SKILL.md).
- Sanitization: No specific sanitization or filtering of external data is described within the skill instructions.
Audit Metadata