anth-incident-runbook
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides procedures for incident triage using official Anthropic endpoints.
- [REMOTE_CODE_EXECUTION]: Fetches status information from a well-known service's endpoint and processes it using a static Python parsing script. The content is handled as data rather than executable instructions.
- [CREDENTIALS_UNSAFE]: Use of authentication keys is restricted to legitimate diagnostic requests sent directly to official service endpoints.
- [PROMPT_INJECTION]: Indirect prompt injection attack surface analysis:
- Ingestion points: External status data fetched from status.anthropic.com in SKILL.md.
- Boundary markers: None.
- Capability inventory: Shell execution via Bash.
- Sanitization: Content is parsed as structured JSON, which treats the payload as data.
Audit Metadata