implementing-saml-sso-with-okta
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes Python scripts (scripts/agent.py and scripts/process.py) that perform network requests to Okta API endpoints and user-defined SAML metadata URLs. These operations are essential for the skill's stated purpose of auditing SSO health.
- [PROMPT_INJECTION]: The skill processes untrusted external data which constitutes an indirect prompt injection surface.
  - Ingestion points: SAML metadata XML content fetched in scripts/process.py and Okta API response payloads in scripts/agent.py.
  - Boundary markers: None present; external data is parsed and integrated directly into audit results.
  - Capability inventory: The skill can perform network operations and write reports to the local filesystem.
  - Sanitization: Data is parsed using standard library XML and JSON parsers; no advanced sanitization of text content within those structures is performed.
Audit Metadata