incident-response
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes official Harness MCP tools (harness_list, harness_status) to query operational data such as service lists and deployment executions. All operations are within the scope of the Harness platform ecosystem.
- [DATA_EXFILTRATION]: No evidence of unauthorized data exfiltration. The skill uses standard placeholders for organization and project IDs and does not communicate with non-whitelisted or suspicious external domains.
- [REMOTE_CODE_EXECUTION]: The skill does not perform any remote code execution, script downloads, or package installations.
- [PROMPT_INJECTION]: The instructions are strictly operational and lack any patterns designed to override agent behavior, bypass safety guardrails, or leak system prompts.
- [COMMAND_EXECUTION]: No shell commands, privilege escalation attempts (sudo), or persistence mechanisms were found in the skill content.
- [INDIRECT_PROMPT_INJECTION]: While the skill ingests data from tool outputs (harness_list), it lacks the high-risk capabilities (like file writes or shell execution) required for an exploitable indirect injection attack. The primary output is structured text and postmortem documents.
Audit Metadata