Skills
skills/labring/sealos-skills/cloud-native-readiness/Gen Agent Trust Hub

cloud-native-readiness

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill operates as a diagnostic tool, performing read-only analysis of project structures and configurations to determine containerization suitability.
  • [DATA_EXFILTRATION]: The skill identifies and reads sensitive file paths (such as .env and .env.example) and searches for hardcoded secrets in source code (modules/assess.md). This activity is part of its core assessment logic to ensure project security and cloud-native compliance; no evidence of external data transmission was found.
  • [PROMPT_INJECTION]: The skill processes content from untrusted external repositories when a GitHub URL is provided as input.
  • Ingestion points: Project files are analyzed using shell commands in modules/assess.md and modules/detect.md.
  • Boundary markers: There are no explicit delimiters or instructions to ignore potential injection patterns within the processed files.
  • Capability inventory: The skill uses grep, find, and ls for analysis and can chain to other tools like /dockerfile via modules/route.md.
  • Sanitization: There is no specific sanitization logic for the data extracted from untrusted sources.
Audit Metadata
Risk Level
SAFE
Analyzed
May 14, 2026, 04:44 PM