automation-pilot-catalog-explorer
Pass
Audited by Gen Agent Trust Hub on Jul 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes
curlfor API requests andjqfor parsing JSON responses to discover and list automation catalogs and commands. - [EXTERNAL_DOWNLOADS]: The skill performs network operations targeting
emea.autopilot.cloud.sap. As this is a well-known vendor domain belonging to SAP, these requests are considered safe for the skill's intended purpose. - [DATA_EXFILTRATION]: Authentication credentials (
AUTOPI_USERNAME,AUTOPI_PASSWORD) are passed to the API via standard environment variable references. No unauthorized data exfiltration patterns were detected. - [PROMPT_INJECTION]: No direct prompt injection or safety bypass patterns were identified. The skill has an indirect prompt injection surface due to processing external API data.
- Ingestion points: API responses from
https://$AUTOPI_HOSTNAME/api/v1/commandsinSKILL.md. - Boundary markers: None present to distinguish API data from instructions.
- Capability inventory: Ability to run shell commands (
curl,jq) as seen inSKILL.md. - Sanitization: None observed for the ingested API data.
Audit Metadata