migrate-pipeline
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external pipeline configuration data, creating a surface for indirect prompt injection attacks.
- Ingestion points: Untrusted pipeline data enters the agent context via the harness_get tool mentioned in SKILL.md.
- Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions for the data being transformed.
- Capability inventory: The skill has the capability to modify environment resources using the harness_update tool.
- Sanitization: There is no evidence of schema validation or content filtering for the incoming pipeline YAML before it is presented or updated.
Audit Metadata