deco-site-deployment

Warn

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple CLI tools including kubectl, curl, jq, and base64. It dynamically constructs shell commands using variables like SITENAME and TARGET_CLUSTER_CONTEXT, which presents a command injection surface if these variables are influenced by untrusted input.
  • [REMOTE_CODE_EXECUTION]: The SiteState schema processed by the skill includes fields for runnerImage, builderImage, and runArgs. Modifying these fields allows for the execution of arbitrary containers and the manipulation of application runtime behavior within the target production Kubernetes clusters.
  • [EXTERNAL_DOWNLOADS]: The skill uses curl to send authenticated POST requests to admin.deco.cx and admin-gcp.deco.cx. These requests transmit site configuration data to external administrative endpoints to trigger redeployments.
  • [COMMAND_EXECUTION]: The skill performs high-privilege Kubernetes operations, including switching cluster contexts (kubectl config use-context) and patching sensitive state secrets. These actions require significant cluster permissions and could lead to unauthorized configuration changes if exploited.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 11, 2026, 11:22 PM