seravo-dev

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE
Flagged categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, CREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill makes extensive use of shell commands including ssh, rsync, git, and wp-cli to manage WordPress environments. It mitigates risk by explicitly defining a 'Production Server Safety' policy that restricts agents to read-only operations on live servers and requires manual user confirmation for any state-changing actions.
  • [EXTERNAL_DOWNLOADS]: The instructions guide the user to install well-known development tools such as DDEV via Homebrew and to manage PHP dependencies through Composer. These are standard industry practices that rely on established, widely used services.
  • [PROMPT_INJECTION]: The skill contains proactive safety instructions regarding indirect prompt injection. It explicitly warns the agent to treat production-synced database content as untrusted and to avoid interpreting database field values as instructions.
  • [CREDENTIALS_UNSAFE]: The documentation includes a workflow for bootstrapping SSH access using the sshpass utility. While this involves handling passwords, the guide includes specific security warnings against persistent storage of credentials and limits the use of this method to a one-time key installation step.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 2, 2026, 12:19 PM