trigger-deploy-guard
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill audits local project files for secrets, which creates a surface for indirect prompt injection where content in scanned files could attempt to manipulate the agent's behavior.
  1. Ingestion points: Scans project files using grep and read tools.
  2. Boundary markers: None.
  3. Capability inventory: grep, git, and npx commands.
  4. Sanitization: None.
- [COMMAND_EXECUTION]: Uses git and grep for auditing and npx trigger.dev for deployment tasks; these are standard operations for the well-known Trigger.dev service.
Audit Metadata