ai-incident-response

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill consists of instructional content, templates, and runbooks for incident management. It contains no malicious code, hardcoded credentials, or unauthorized network operations.
  • [PROMPT_INJECTION]: The documentation includes example prompt injection strings (e.g., in references/ai-incident-drill-and-game-day/references/game-day-exercises.md) for the purpose of training responders in drills and exercises. These are presented as data samples and do not affect the operating behavior of the agent.
  • Ingestion points: The skill is designed to process incident data such as traces, logs, and tool outputs that may contain malicious external inputs (references/ai-incident-evidence-capture/entrypoint.md).
  • Boundary markers: The framework implements a clear chain of custody and separates redacted data from unredacted evidence to protect sensitive information (references/ai-incident-evidence-capture/references/chain-of-custody.md).
  • Capability inventory: The skill utilizes administrative CLI tools (e.g., ai-ops, flag-platform) for controlling model behavior and feature state during incidents (references/ai-incident-response-runbook/entrypoint.md).
  • Sanitization: The evidence capture pipeline includes specific policies for masking PII and other sensitive fields before analysis (references/ai-incident-evidence-capture/references/evidence-bundle-spec.md).
  • [COMMAND_EXECUTION]: The skill describes using various command-line utilities (e.g., ai-ops, ai-evidence-export, gate_runner) to execute incident mitigations like model pinning or to export forensic bundles. These commands are part of the intended operational workflow.
  • [DATA_EXFILTRATION]: The skill defines a structured evidence capture process that aggregates system metadata and trace data into bundles for forensic storage (references/ai-incident-evidence-capture/entrypoint.md). This process is a core part of the incident response use case and includes controls for data redaction and secure storage.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 04:57 PM
Security Audit — agent-trust-hub — ai-incident-response