deploy
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGHCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill instructions require the agent to execute shell commands including
pnpm build,pnpm dev,pnpm test, andvercel --prod. These commands execute scripts defined in the project'spackage.jsonfile. \n- [INDIRECT_PROMPT_INJECTION] (HIGH): The skill is vulnerable to exploitation via untrusted project data. \n - Ingestion points: The agent reads and acts upon the project's local configuration files (e.g.,
package.json) to run build and test scripts. \n - Boundary markers: Absent. There are no instructions to verify the content of scripts or ignore instructions embedded in the codebase. \n
- Capability inventory: High-privilege shell execution via
pnpmand deployment viavercel. \n - Sanitization: Absent. The skill blindly trusts the integrity of the local environment and its configuration files.
Recommendations
- AI detected serious security threats
Audit Metadata