iblai-security-incident-triage

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and analyze potentially untrusted data from a compromised system (e.g., logs and process outputs), which is a common vector for indirect prompt injection.
  • Ingestion points: Data enters the agent's context through tools like journalctl, ps, ss, who, and lsof as specified in SKILL.md.
  • Boundary markers: There are no explicit delimiters or instructions provided to isolate the forensic data from the agent's command processing.
  • Capability inventory: The skill has access to Bash, Read, Write, and Grep tools, which allow it to interact with the host system and preserve evidence.
  • Sanitization: No specific sanitization or validation logic is applied to the forensic data before the agent interprets it.
  • Contextual Note: Although this represents a potential attack surface, the behavior is strictly limited to the skill's primary and legitimate purpose of security forensics and triage.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 03:47 PM
Security Audit — agent-trust-hub — iblai-security-incident-triage