ops-oncall-log
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from external monitoring platforms (e.g., alert titles and descriptions) and interpolates it directly into wiki pages and agent context. This presents an indirect prompt injection surface.\n
- Ingestion points: Alert events and monitor statuses fetched from monitoring MCP servers (Step 4 of SKILL.md).\n
- Boundary markers: Absent. The instructions do not specify delimiters or warnings to treat fetched alert data as untrusted.\n
- Capability inventory: Ability to write to wiki platforms (Confluence/Notion), read local filesystem configuration, and use the Bash tool.\n
- Sanitization: Absent. There is no requirement to sanitize or escape alert data before it is included in the final log page or processed by the agent.
Audit Metadata