Skills
skills/sickn33/antigravity-awesome-skills/pagerduty-automation/Gen Agent Trust Hub

pagerduty-automation

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection vulnerability surface.
  • Ingestion points: The skill retrieves untrusted data from PagerDuty incident lists, alert details, and notes via tools like PAGERDUTY_FETCH_INCIDENT_LIST and PAGERDUTY_GET_ALERTS_BY_INCIDENT_ID described in SKILL.md.
  • Boundary markers: No delimiters or safety instructions are provided to isolate external PagerDuty data from the agent's core instructions.
  • Capability inventory: The skill enables modification of PagerDuty resources, such as escalation policies and on-call schedules, which could be abused if malicious instructions are processed.
  • Sanitization: No sanitization or validation of PagerDuty API responses is performed before the data is processed or used in subsequent actions.
  • [DATA_EXFILTRATION]: External Network Dependency.
  • The skill instructs users to configure an external MCP server at https://rube.app/mcp. This setup results in the transmission of agent context and interaction data to an external service provider that is not included in standard whitelists.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 27, 2026, 10:40 PM