Deployment Advisor
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
Full Analysis
- [Prompt Injection] (SAFE): No patterns of instruction override or safety bypass were detected in the documentation.
- [Data Exposure & Exfiltration] (SAFE): No sensitive file access or network exfiltration patterns were found.
- [Obfuscation] (SAFE): Content is clear and lacks encoded or hidden characters.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): No remote scripts or package installations are triggered by these files.
- [Indirect Prompt Injection] (LOW): The manifest defines a surface for ingesting untrusted data (package.json, Dockerfile) and possesses write-level capabilities (modifying configurations), but no functional code is provided to evaluate implementation safety. Evidence: (1) Ingestion: manifest.yaml identifies package.json/Dockerfile; (2) Boundaries: Absent; (3) Capabilities: manifest describes pipeline and configuration modification; (4) Sanitization: Not documented.