deploy-app
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows secure DevOps practices, including the use of isolated worktrees for changes and mandatory validation of manifests before deployment.
- [COMMAND_EXECUTION]: Utilizes trusted CLI tools like kubectl, helm, and git. Commands are structured with quoted variables to prevent common injection vectors.
- [EXTERNAL_DOWNLOADS]: Fetches Helm charts and repository metadata from public registries, which is the expected behavior for a deployment tool.
- [DATA_EXFILTRATION]: Includes scripts that interact with a local Prometheus instance (defaulting to localhost). These interactions are limited to querying status endpoints and metrics.
- [PROMPT_INJECTION]: The skill ingests data from external Helm charts and cluster logs during the research and health verification phases. While explicit delimiters for untrusted content are not used, the skill incorporates validation tasks and a PR-based workflow that requires human review of all changes.
Audit Metadata