investigate-ci-failure

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection (Category 8) by processing untrusted data generated during CI processes.
      • Ingestion points: The agent reads build logs (build-log.txt), job metadata (finished.json), and test results (junit_*.xml) from external storage buckets.
      • Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat the content of these logs as untrusted data or to ignore instructions embedded within them.
      • Capability inventory: The skill utilizes potentially powerful capabilities including shell command execution (gh, gcloud), local file system writes (mktemp, gcloud storage cp), and network operations (WebFetch).
      • Sanitization: No sanitization or validation is performed on the content of the logs or artifacts before they are processed by the agent.
  • [EXTERNAL_DOWNLOADS]: The skill fetches configuration, logs, and metadata from remote sources.
      • Evidence: Downloads artifacts from storage.googleapis.com/test-platform-results/ and gcsweb-ci.apps.ci.l2s4.p1.openshiftapps.com/gcs/. These domains represent the official CI infrastructure for the OpenShift project.
  • [COMMAND_EXECUTION]: The skill relies on shell commands to interact with external services and manage local data.
      • Evidence: Uses the gh CLI for GitHub API interactions and gcloud storage or gsutil for downloading large log files and directories to temporary local storage.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 16, 2026, 11:32 AM