Skills
skills/harness/harness-skills/gitops-status/Gen Agent Trust Hub

gitops-status

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill accesses operational data by fetching dashboard summaries, resource trees, and raw pod logs via the harness_get tool.- [COMMAND_EXECUTION]: The skill instructs the agent to perform administrative actions, specifically triggering GitOps application synchronization using the harness_execute tool.- [PROMPT_INJECTION]: An indirect prompt injection surface is present because the skill ingests external data from pod logs and application events.
  • Ingestion points: Data enters the context via harness_get (resource_type: gitops_pod_log) and harness_list (resource_type: gitops_app_event).
  • Boundary markers: None are present to distinguish logs or event data from system instructions.
  • Capability inventory: The agent can execute sync actions via harness_execute and read further data via harness_get.
  • Sanitization: There is no evidence of sanitization or filtering applied to the retrieved log or event content.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 06:18 AM
Security Audit — agent-trust-hub — gitops-status