Skills
skills/davila7/claude-code-templates/railway-status/Gen Agent Trust Hub

railway-status

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill utilizes railway status --json and command -v railway to interact with the environment. These are restricted to the intended purpose of checking infrastructure status.
  • [EXTERNAL_DOWNLOADS] (SAFE): The documentation suggests the user install the official @railway/cli via npm or brew. It does not perform any automated or hidden downloads.
  • [DATA_EXFILTRATION] (SAFE): No sensitive local files (e.g., SSH keys, env files) are accessed. Data retrieved from the CLI is intended for presentation to the user.
  • [PROMPT_INJECTION] (LOW): As the skill parses and presents output from an external tool (Railway CLI), there is a theoretical surface for indirect prompt injection if an attacker could control service or project names within the Railway account. This is a standard risk for skills processing external data.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 04:58 PM