automation-pilot-catalog-explorer

Pass

Audited by Gen Agent Trust Hub on Jul 8, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes curl for API requests and jq for parsing JSON responses to discover and list automation catalogs and commands.
  • [EXTERNAL_DOWNLOADS]: The skill performs network operations targeting emea.autopilot.cloud.sap. As this is a well-known vendor domain belonging to SAP, these requests are considered safe for the skill's intended purpose.
  • [DATA_EXFILTRATION]: Authentication credentials (AUTOPI_USERNAME, AUTOPI_PASSWORD) are passed to the API via standard environment variable references. No unauthorized data exfiltration patterns were detected.
  • [PROMPT_INJECTION]: No direct prompt injection or safety bypass patterns were identified. The skill has an indirect prompt injection surface due to processing external API data.
  • Ingestion points: API responses from https://$AUTOPI_HOSTNAME/api/v1/commands in SKILL.md.
  • Boundary markers: None present to distinguish API data from instructions.
  • Capability inventory: Ability to run shell commands (curl, jq) as seen in SKILL.md.
  • Sanitization: None observed for the ingested API data.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 8, 2026, 10:43 AM
Security Audit — agent-trust-hub — automation-pilot-catalog-explorer