sysadmin
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill defines an 'Operator' role that executes shell commands on the host machine. It provides specific instructions for handling administrative tasks with sudo and using absolute paths to ensure commands target the intended environment safely.
- [SAFE]: Proactively instructs the agent to never include tokens, secrets, or credentials in configuration reports or documentation that are committed to the repository, reinforcing secure secret management.
- [SAFE]: Implements a 'stop-on-unexpected' policy and requires the agent to ask the user for machine-specific values (IPs, hostnames, secrets) rather than guessing them, which minimizes the risk of accidental misconfiguration.
- [SAFE]: Indirect Prompt Injection Surface Analysis:
  1. Ingestion points: Reads runbooks and documentation from the docs/ directory.
  2. Boundary markers: No explicit boundary delimiters are specified for external content.
  3. Capability inventory: Full shell command execution via the Operator role.
  4. Sanitization: Mitigated by requiring manual user confirmation for machine-specific values and maintaining a protocol to stop execution if unexpected behavior is encountered.
Audit Metadata