promovaweb-devops-review-portainer-stack
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows its stated purpose of auditing configuration files and does not contain any malicious or hidden instructions.
- [DATA_EXPOSURE_AND_EXFILTRATION]: File access is restricted to reading the target 'portainer.yaml' and writing 'portainer.audit.md'. No access to sensitive system paths (e.g., .ssh, .aws) or network exfiltration patterns were found.
- [INDIRECT_PROMPT_INJECTION]: The skill processes external data from 'portainer.yaml' (ingestion point). While boundary markers and sanitization are absent, the risk is negligible as the skill lacks high-risk capabilities like network access or command execution.
Audit Metadata