manage-artifacts
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a standard administrative toolset for Harness Artifact Registry using specific MCP tools (`harness_list`, `harness_create`). It contains no evidence of prompt injection, obfuscation, or persistence mechanisms.
- [DATA_EXPOSURE]: The skill uses placeholders (e.g., `<organization>`, `<project>`) for sensitive identifiers and explicitly advises using CI/CD service accounts instead of personal credentials for push access.
- [COMMAND_EXECUTION]: Resource creation and management are handled through defined MCP tool calls rather than arbitrary shell commands, minimizing the risk of command injection.
Audit Metadata