automation-pilot-executions-api
Pass
Audited by Gen Agent Trust Hub on Jul 8, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
curlto perform network operations against the SAP Automation Pilot REST API andjqto parse and format the returned JSON data. These are standard tools for CLI-based API management. - [DATA_EXPOSURE_AND_EXFILTRATION]: The skill requires credentials (
AUTOPI_USERNAME,AUTOPI_PASSWORD) to be provided as environment variables. These are used only for basic authentication to the trusted domainemea.autopilot.cloud.sapbelonging to SAP. This setup is consistent with standard developer workflows for secure credential handling in automated scripts. - [INDIRECT_PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes data from an external source.
- Ingestion points: Data is ingested from the SAP API response fields, including
logs,error, andprogressMessage(found in SKILL.md). - Boundary markers: There are no explicit delimiters or instructions to ignore instructions embedded within the API responses.
- Capability inventory: The skill uses
curlfor network requests andjqfor shell-based data processing. - Sanitization: Content returned from the API is processed by
jqbut does not undergo specific sanitization for natural language instructions before being presented in the agent's context.
Audit Metadata