railway-deploy
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill analyzes build logs from the
railway up --cicommand, which constitutes an ingestion point for untrusted data that could be used for indirect prompt injection.\n - Ingestion points: Build logs and command output from the Railway CLI via the
railway upcommand.\n - Boundary markers: Absent; the skill does not define delimiters or instruct the agent to ignore instructions embedded in the logs.\n
- Capability inventory: The agent is authorized to execute all
railwayCLI commands through the Bash tool.\n - Sanitization: Absent; the agent is expected to read and process raw CLI output directly.
Audit Metadata