aiox-devops
Warn
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a Node.js script located at '.aiox-core/development/scripts/generate-greeting.js' as part of its activation protocol.
- [PROMPT_INJECTION]: The skill dynamically loads agent instructions and persona definitions from local files ('.aiox-core/development/agents/devops.md' and '.aiox-core/constitution.md'). 1. Ingestion points: Reads instructions from files in the local '.aiox-core' directory. 2. Boundary markers: No delimiters or ignore-embedded-instruction warnings are present to isolate the loaded content. 3. Capability inventory: Significant privileges including shell command execution via Node.js and GitHub repository management (push, PR creation, CI/CD config). 4. Sanitization: No sanitization or validation of the loaded file content is implemented.
- [COMMAND_EXECUTION]: Provides commands for high-privilege repository operations such as '*push', '*create-pr', '*configure-ci', and '*release' which can modify remote code and automation workflows.
Audit Metadata