skills/sap/automation-pilot-agent-skills/automation-pilot-content-management-via-api/Gen Agent Trust Hub
automation-pilot-content-management-via-api
Pass
Audited by Gen Agent Trust Hub on Jul 8, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
curlandjqto facilitate communication with the SAP Automation Pilot Content API. These operations are restricted to the skill's defined purpose of managing automation resources such as catalogs, commands, and webhooks. - [EXTERNAL_DOWNLOADS]: Network operations are directed solely toward official SAP domains (e.g.,
*.autopilot.cloud.sap). There is no evidence of the skill downloading or executing code from untrusted third-party sources. - [CREDENTIALS_UNSAFE]: Authentication is handled via environment variables (
AUTOPI_USERNAMEandAUTOPI_PASSWORD), which is the recommended method for secure credential handling in this context. Example data provided in the documentation uses obvious mock values (e.g., 'secret123') for illustrative purposes only. - [PROMPT_INJECTION]: The skill contains internal safety instructions, such as guidelines to avoid automatic release of commands and requiring explicit user consent for sensitive actions. These function as operational guardrails rather than malicious injection patterns.
Audit Metadata