setup-deploy
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE COMMAND_EXECUTION EXTERNAL_DOWNLOADS DATA_EXFILTRATION REMOTE_CODE_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes multiple Bash commands to detect project configuration files (e.g., fly.toml, render.yaml) and check for the presence of deployment CLI tools. It also runs commands to verify health check endpoints using curl.
- [EXTERNAL_DOWNLOADS]: The skill performs update checks via a local binary and synchronizes state with a remote Git repository if the user enables the 'GBrain' feature. These operations are initiated via Git commands like git fetch and git merge.
- [DATA_EXFILTRATION]: The skill incorporates an opt-in telemetry system that logs skill usage and duration. It also allows for the synchronization of session artifacts to a private GitHub repository, both of which require explicit user approval.
- [REMOTE_CODE_EXECUTION]: The preamble uses eval and source to dynamically execute the output of local binaries from the tool's installation directory (~/.claude/skills/gstack/bin/), which is a standard method for configuring the shell environment.
- [PROMPT_INJECTION]: The skill includes instructions that direct the agent to override standard behavior in certain modes (e.g., plan mode) and prioritize the skill's specific workflow. It also defines a specific 'Confusion Protocol' to handle architectural ambiguity.
- [SAFE]: The skill follows secure coding practices by explicitly masking secrets (e.g., RENDER_API_KEY is only partially displayed) and mandating user confirmation before applying modifications to the project's CLAUDE.md configuration file.
Audit Metadata