skills/insforge/insta-skills/insta/Gen Agent Trust Hub

insta

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The documented workflow involves ingesting external runtime data, which establishes an indirect prompt injection surface.
  • Ingestion points: insta logs and insta events pull live data from remote cloud services into the agent context as described in cli-reference.md.
  • Boundary markers: There are no instructions defining boundaries or ignore-directives for data originating from logs or events.
  • Capability inventory: The agent is provided with instructions for executing impactful commands such as insta deploy and insta project delete as listed in cli-reference.md.
  • Sanitization: No validation or sanitization processes are mentioned for external log or event data.
  • [COMMAND_EXECUTION]: The skill requires the agent to execute shell commands via the insta CLI for cloud infrastructure management and includes an auditing tool, insta observe, that installs a hook to monitor agent tool usage.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 09:42 PM
Security Audit — agent-trust-hub — insta