sota-cloud-infrastructure
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No executable code, remote dependencies, or malicious patterns were detected. The skill consists entirely of architectural documentation and best-practice guidelines for cloud infrastructure.
- [PROMPT_INJECTION]: The skill operates in an 'AUDIT' mode, which involves processing untrusted external data such as Terraform configurations or architecture documents. This presents a surface for indirect prompt injection.
- Ingestion points: The skill processes external Terraform repositories, architecture documents, and existing cloud environment configurations when in AUDIT mode.
- Boundary markers: Absent. No explicit instructions are provided to the agent to treat audited data as untrusted or to ignore embedded instructions within that data.
- Capability inventory: The skill is limited to generating text-based designs and audit reports. It does not contain scripts for subprocess execution, file-system writes, or network operations.
- Sanitization: Absent. The skill does not define methods for validating or sanitizing the input data before processing.
Audit Metadata