oke-cluster-generator
Pass
Audited by Gen Agent Trust Hub on Jun 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the OCI CLI (
oci) to perform environment discovery, such as listing Kubernetes versions, VCNs, shapes, service limits, and KMS keys. It also executes local utility scripts (preflight-check.shandvalidate-cidr.sh) to verify tenancy authorization and network CIDR ranges. These operations are standard for infrastructure-as-code automation and are performed within the scope of the user's authenticated environment. - [PROMPT_INJECTION]: The skill processes user-supplied arguments (e.g., workload type, region) and questionnaire responses to generate Terraform variables. While this creates a surface for indirect prompt injection, the risk is minimized by the use of structured variable mapping tables, regex-based validation patterns in the schema templates, and human-in-the-loop confirmation steps before code generation.
- [EXTERNAL_DOWNLOADS]: The skill references several external URLs for documentation and Terraform modules. All links point to official Oracle domains (
oracle.com) or official Oracle GitHub repositories (github.com/oracle,github.com/oracle-terraform-modules,github.com/oracle-quickstart). These are recognized as trusted vendor resources.
Audit Metadata