create-infrastructure

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides legitimate templates for configuring infrastructure on the Harness platform. It does not contain hardcoded credentials, malicious scripts, or obfuscated content.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection. (1) Ingestion points: User queries for infrastructure creation. (2) Boundary markers: Absent. (3) Capability inventory: Uses the 'harness_create' MCP tool to modify infrastructure configuration. (4) Sanitization: No explicit validation of user input before interpolation into YAML templates. This is an expected surface for configuration-generating skills and does not impact the safety verdict.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 12:11 PM