manage-supply-chain
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is authored by Harness and uses platform-specific MCP tools (harness_list, harness_create) for legitimate administrative tasks related to Software Supply Chain Assurance (SSCA).
- [COMMAND_EXECUTION]: No unauthorized or dangerous command execution was identified. The skill interacts with the Harness environment through defined MCP tools to configure pipelines and policies.
- [DATA_EXFILTRATION]: No patterns of data exfiltration or credential harvesting were found. The skill guides the user through standard authentication and project selection workflows.
- [PROMPT_INJECTION]: No attempts to override agent instructions or bypass safety filters were detected in the instructions or metadata.
- [DYNAMIC_EXECUTION]: The skill involves creating OPA (Rego) policies. While this is a form of dynamic code generation, it is the primary intended purpose of the skill for supply chain governance and is performed through authorized platform tools.
Audit Metadata