deployment-engineer

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool and local Python scripts (scripts/generate_deploy.py, scripts/validate_deploy.py) to automate tasks. This is expected behavior for a deployment engineering skill.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface through its artifact generation process. User-supplied strings are written to a markdown file without escaping.
      • Ingestion points: The --name, --env, and --owner arguments in scripts/generate_deploy.py allow user input to be included in generated files.
      • Boundary markers: The generated deploy-plan.md does not use specific delimiters or instructions to prevent the agent from following embedded commands if it later reads the file.
      • Capability inventory: The skill possesses Read, Write, Edit, and Bash tools as defined in SKILL.md.
      • Sanitization: No sanitization or validation is performed on the inputs before they are written to the deployment plan.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 14, 2026, 02:05 AM