enforce-slsa
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill facilitates the configuration of security gates in CI/CD pipelines using official platform tools (
harness_get,harness_update,harness_list). It appropriately references platform-managed secrets for Cosign verification and provides documentation links to official Harness resources. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes external pipeline YAML data.
- Ingestion points: External pipeline configurations are ingested via
harness_getas described inSKILL.mdand the interactive wizard flow. - Boundary markers: Instructions do not specify the use of delimiters or 'ignore' instructions when handling the retrieved YAML context.
- Capability inventory: The agent is authorized to use
harness_update(to modify pipelines) andharness_list(to retrieve policy information). - Sanitization: Input data from the pipeline is mapped to new structures (e.g., repo to image_path) without explicit security validation or sanitization steps.
Audit Metadata