optimize-pipeline

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary function is to guide the agent through optimizing build and test processes within the Harness ecosystem. All instructions are consistent with this stated purpose.
  • [DATA_EXPOSURE]: The skill accesses pipeline execution data and metadata using 'harness_list' and 'harness_get' MCP tools. This data access is targeted at performance metrics (timing, cache hit rates) and is limited to the scope of the organization and project specified by the user.
  • [PROMPT_INJECTION]: The skill incorporates external data from Harness pipeline executions, which represents a potential surface for Indirect Prompt Injection. However, the data is used for diagnostic analysis (bottleneck identification and strategy design) rather than being executed as instructions, and no malicious overrides were found.
  • [REMOTE_CODE_EXECUTION]: No patterns for remote code execution, unauthorized package installations, or shell command injections were found. The skill describes configuration strategies for CI/CD environments rather than executing arbitrary scripts.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 13, 2026, 09:59 AM