firewall-review
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it is designed to ingest and analyze external, potentially untrusted data such as firewall configuration files and rule descriptions. However, this is proactively mitigated through a dedicated 'Prompt Injection Safety Notice' that instructs the agent to treat all configuration content as untrusted data and ignore any instructions found within comments.
- Ingestion points: Firewall configuration files (iptables, nftables, terraform, cloud security groups, etc.) accessed via Read, Grep, and Glob tools.
- Boundary markers: The skill includes explicit instructions to ignore embedded instructions and treat comments as data.
- Capability inventory: Limited to read-only operations (Read, Grep, Glob) and reporting; no dynamic code execution or network exfiltration tools are used.
- Sanitization: The instructions mandate ignoring commands within configuration comments.
Audit Metadata