netlify-deploy
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill executes commands like npm install and npx netlify. While standard for web development, these commands can be exploited by malicious code in a project's package scripts.
- EXTERNAL_DOWNLOADS (LOW): The skill retrieves the Netlify CLI and project dependencies from the npm registry, which is a standard but external source.
- DATA_EXFILTRATION (LOW): The skill uploads project assets and metadata to Netlify servers. This is the intended behavior and follows the primary use case of the skill.
- CREDENTIALS_UNSAFE (LOW): The skill handles sensitive authentication tokens (NETLIFY_AUTH_TOKEN). It includes appropriate warnings against hardcoding these secrets in source control.
- INDIRECT_PROMPT_INJECTION (LOW): (1) Ingestion points: Reads package.json and netlify.toml from the project directory. (2) Boundary markers: No explicit delimiters are used to isolate untrusted configuration data from agent instructions. (3) Capability inventory: Full command execution and network access are available. (4) Sanitization: No validation of configuration content is performed.
Audit Metadata