ai-agent-drill-evidence-and-cadence

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill facilities red-team prompt suite execution via agent.invoke in references/drill-evidence-capture.md. Evidence chain: 1. Ingestion: redteam/suite.py via load_suite. 2. Boundary markers: Absent. 3. Capability: agent.invoke. 4. Sanitization: Absent.
  • [COMMAND_EXECUTION]: High-privilege management functions are provided for flipping global kill-switches in compliance/drills/kill_switch.py and freezing deployments in ci/gates/drill_freeze.py. These are legitimate tools for the skill's purpose.
  • [DATA_EXFILTRATION]: The evidence pipeline includes functionality for uploading signed evidence packs to an internal vault and alerting via Slack and PagerDuty using internal service abstractions. No exfiltration to untrusted external domains was found.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 04:57 PM
Security Audit — agent-trust-hub — ai-agent-drill-evidence-and-cadence