segmentation
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted external data in the form of network configuration and infrastructure-as-code files.
- Ingestion points: The process involves searching for and reading files such as Terraform (.tf) definitions, Kubernetes NetworkPolicies, and firewall configurations using the Glob and Grep tools.
- Boundary markers: The skill contains a 'Prompt Injection Safety Notice' which explicitly warns the agent not to interpret configuration comments or resource tags as instructions.
- Capability inventory: The skill's capabilities are limited to local file system discovery and reading (Read, Grep, Glob) with no access to shell execution or network tools.
- Sanitization: The instructions specifically direct the agent to treat all configuration content as untrusted data and to ignore any text that appears to be a prompt or command.
Audit Metadata