haproxy
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides standard HAProxy management commands such as
sudo systemctl reload haproxyandsudo socat. These are intended behaviors required for service administration and runtime interaction. - [CREDENTIALS_UNSAFE]: Includes a boilerplate
admin:passwordstring in the HAProxy stats dashboard configuration. This is a generic documentation placeholder and does not represent a sensitive secret leak. - [EXTERNAL_DOWNLOADS]: References official Docker images for
haproxy:2.8andnginx:alpinefrom well-known public registries. - [PROMPT_INJECTION]: The skill provides templates that incorporate variables, creating a surface for indirect injection if an agent interpolates unsanitized user data.
- Ingestion points: Variable fields for IP addresses, domains, and paths in configuration snippets within
SKILL.md. - Boundary markers: None present in the configuration examples.
- Capability inventory: Subprocess execution for service management and socket interaction commands.
- Sanitization: Not applicable as the skill provides static templates for demonstration purposes.
Audit Metadata