solo-deploy
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
Bashtool to run various deployment and management commands for platforms like Vercel, Cloudflare, Fly.io, and Supabase. This includes executing migrations, environment variable management, and production deployments. - [EXTERNAL_DOWNLOADS]: The skill suggests installing well-known CLI tools (
vercel,wrangler,flyctl,supabase) from official repositories or package managers if they are not detected locally. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and executes instructions directly from project files such as
plan.mdandpackage.json. - Ingestion points: Reads instructions from
docs/plan/*/plan.md,package.json, and stack configuration files. - Boundary markers: No explicit boundary markers or 'ignore' instructions are used when parsing these files.
- Capability inventory: The skill has access to
Bash,Write,Edit, and Git operations, allowing it to perform significant system changes based on parsed data. - Sanitization: No sanitization logic for data extracted from project files is described.
Audit Metadata