configure-repo-scan

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the harness_get MCP tool to retrieve current pipeline YAML configurations and the harness_update tool to commit structural changes to the pipeline execution logic.
  • [SAFE]: All external URL references and help documentation links point to official Harness domains (harness.io).
  • [PROMPT_INJECTION]:
      1. Ingestion points: The skill ingests untrusted YAML configuration data from existing pipelines via the harness_get tool in SKILL.md.
      2. Boundary markers: No explicit delimiters or 'ignore' instructions are used when processing the retrieved YAML.
      3. Capability inventory: The skill includes the capability to modify and overwrite pipeline configurations using the harness_update tool in SKILL.md.
      4. Sanitization: The skill relies on hardcoded YAML templates for scanner steps, ensuring that the inserted content follows a strict schema and reducing the risk of malicious payload injection.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 15, 2026, 12:57 AM