vss-manage-alerts

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads standard Python packages (such as FastAPI and the Slack SDK) from the official Python Package Index (PyPI) to support the notification relay functionality.
  • [COMMAND_EXECUTION]: The skill uses shell commands and API calls to interact with Docker containers and VSS microservices for operational tasks like checking service health and managing sensor configurations.
  • [PROMPT_INJECTION]: The notification relay component processes incident data originating from external video analytics streams, representing a potential indirect prompt injection surface.
  • Ingestion points: The scripts/alert-notify/server.py file receives incident payloads via the POST /webhook/alert-notify endpoint.
  • Boundary markers: The skill does not use explicit boundary delimiters when formatting incident data into notifications.
  • Capability inventory: The skill can post to Slack, update dashboards, and perform internal API calls to the Alert Bridge and VST services.
  • Sanitization: Basic truncation is applied to markdown fields in the Slack notification backend.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 04:37 PM
Security Audit — agent-trust-hub — vss-manage-alerts