deploy
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it analyzes external codebase files to determine deployment requirements.
  - Ingestion points: The skill scans local codebase files for frameworks, databases, and dependencies (SKILL.md, Step 1).
  - Boundary markers: There are no explicit instructions or delimiters defined to separate the data found in the codebase from the agent's internal instructions.
  - Capability inventory: The skill possesses the ability to query architecture patterns via MCP, generate infrastructure-as-code, and execute deployment commands (SKILL.md, Step 5).
  - Sanitization: The skill does not describe any methods for sanitizing or escaping the content retrieved from the codebase before it is processed by the model.
- [COMMAND_EXECUTION]: The skill performs command execution to run security scanners and deploy infrastructure.
  - Evidence: The 'Deploy' step involves executing security checks (cfn-nag, checkov) and running deployment scripts (SKILL.md, references/security.md).
  - Context: These operations are central to the skill's primary function and are mitigated by a requirement for explicit user confirmation and the use of automated security quality gates.