oke-cluster-generator

Pass

Audited by Gen Agent Trust Hub on Jun 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the OCI CLI (oci) to perform environment discovery, such as listing Kubernetes versions, VCNs, shapes, service limits, and KMS keys. It also executes local utility scripts (preflight-check.sh and validate-cidr.sh) to verify tenancy authorization and network CIDR ranges. These operations are standard for infrastructure-as-code automation and are performed within the scope of the user's authenticated environment.
  • [PROMPT_INJECTION]: The skill processes user-supplied arguments (e.g., workload type, region) and questionnaire responses to generate Terraform variables. While this creates a surface for indirect prompt injection, the risk is minimized by the use of structured variable mapping tables, regex-based validation patterns in the schema templates, and human-in-the-loop confirmation steps before code generation.
  • [EXTERNAL_DOWNLOADS]: The skill references several external URLs for documentation and Terraform modules. All links point to official Oracle domains (oracle.com) or official Oracle GitHub repositories (github.com/oracle, github.com/oracle-terraform-modules, github.com/oracle-quickstart). These are recognized as trusted vendor resources.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 27, 2026, 10:47 AM
Security Audit — agent-trust-hub — oke-cluster-generator