mcloud-logs
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill fetches and processes runtime logs, which are untrusted external data sources that could potentially contain malicious instructions intended to influence the agent's behavior.
- Ingestion points: The output of the
mcloud logscommand (referenced in SKILL.md). - Boundary markers: Absent. The instructions do not specify the use of delimiters or provide the agent with guidance to ignore embedded instructions within the logs.
- Capability inventory: The skill allows the agent to execute
mcloud logsandjqvia Bash, enabling data retrieval and transformation. - Sanitization: Absent. There is no evidence of filtering or sanitization of the log content before it is processed by the agent or piped into
jq.
Audit Metadata