skills/mukul975/anthropic-cybersecurity-skills/implementing-ticketing-system-for-incidents/Gen Agent Trust Hub
implementing-ticketing-system-for-incidents
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFEPROMPT_INJECTIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes potentially untrusted data from external SIEM alerts to populate incident tickets, which creates a surface for indirect prompt injection.\n
- Ingestion points: Fields such as
rule_name,description, andiocswithin thealert_dataobject inSKILL.mdandscripts/agent.py.\n - Boundary markers: The generated descriptions use text-based headers (e.g., 'SECURITY INCIDENT — Auto-generated from SIEM') and horizontal separator lines to delimit the external data.\n
- Capability inventory: The skill utilizes network capabilities to create, update, and escalate records via ServiceNow and TheHive REST APIs.\n
- Sanitization: No explicit sanitization or escaping mechanisms are implemented for the alert data before its inclusion in the ticket body.\n- [CREDENTIALS_UNSAFE]: The
scripts/agent.pyscript accepts sensitive authentication data, including ServiceNow passwords and TheHive API keys, as command-line arguments. This method of handling credentials can result in secrets being exposed in system process listings and shell command history.\n- [EXTERNAL_DOWNLOADS]: The skill utilizes the 'requests' library, which is a standard and well-known dependency fetched from the official Python Package Index (PyPI).
Audit Metadata