chaos-engineer
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides multiple grep command patterns for searching the codebase for hardcoded secrets, sensitive keywords (e.g., password, api_key), and insecure framework-specific code patterns. These commands are part of the intended security auditing workflow.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it analyzes untrusted source code without using explicit boundary markers to separate data from instructions.
  - Ingestion points: Target repository source files and configuration files (e.g., .env, .yml, .json, .rb, .py).
  - Boundary markers: Absent. The workflow does not provide delimiters or instructions to ignore potential commands embedded in code comments or strings.
  - Capability inventory: The agent has the ability to read arbitrary files and execute shell commands (grep) to perform its analysis.
  - Sanitization: No sanitization or validation of the ingested code content is performed before processing.
Audit Metadata