depot-ci
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it is designed to read and process existing GitHub Actions workflow files.
- Ingestion points: Processes YAML configuration files located in
.github/workflows/and.github/actions/. - Boundary markers: The instructions do not specify any explicit boundary markers or 'ignore' instructions when parsing these files.
- Capability inventory: The skill can execute
depot ciCLI commands, manage environment secrets, and perform network requests viacurl. - Sanitization: No specific sanitization or validation logic for the ingested workflow content is described in the provided files.
- [COMMAND_EXECUTION]: Executes local CLI commands using the
depottool to manage CI/CD tasks. - Evidence: Commands include
depot ci migrate,depot ci run, anddepot ci secrets. - [EXTERNAL_DOWNLOADS]: Communicates with the vendor's official API endpoint for workflow orchestration and secret management.
- Evidence: Performs
curlrequests toapi.depot.dev.
Audit Metadata