ai-agent-drill-evidence-and-cadence
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill facilities red-team prompt suite execution via agent.invoke in references/drill-evidence-capture.md. Evidence chain: 1. Ingestion: redteam/suite.py via load_suite. 2. Boundary markers: Absent. 3. Capability: agent.invoke. 4. Sanitization: Absent.
- [COMMAND_EXECUTION]: High-privilege management functions are provided for flipping global kill-switches in compliance/drills/kill_switch.py and freezing deployments in ci/gates/drill_freeze.py. These are legitimate tools for the skill's purpose.
- [DATA_EXFILTRATION]: The evidence pipeline includes functionality for uploading signed evidence packs to an internal vault and alerting via Slack and PagerDuty using internal service abstractions. No exfiltration to untrusted external domains was found.
Audit Metadata