deployment-automation
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill adheres to container security best practices by utilizing non-root users (`USER nodejs`) in the Dockerfile and implementing multi-stage builds to reduce the production image's attack surface.
- [EXTERNAL_DOWNLOADS]: The GitHub Actions configuration references well-known and official actions from GitHub (e.g., `actions/checkout`, `actions/setup-node`) and Docker (`docker/setup-buildx-action`). These are recognized as trusted sources for development and deployment workflows.
- [COMMAND_EXECUTION]: The automation scripts (`deploy.sh`, `switch.sh`) utilize standard command-line tools like `kubectl`, `docker-compose`, and `docker`. These commands are appropriate for the skill's primary purpose of application deployment and infrastructure management.
- [INDIRECT_PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection in its deployment scripts.
  - Ingestion points: The `deploy.sh` script accepts an `IMAGE_TAG` argument, and `switch.sh` reads current state from `current_color.txt`.
  - Boundary markers: No explicit delimiters or boundary instructions are used to separate these inputs from the execution logic.
  - Capability inventory: The scripts execute infrastructure-altering commands via `kubectl` and `docker-compose`.
  - Sanitization: Input variables are interpolated directly into shell commands. While this is standard for such scripts, it represents a potential surface if the source of the input is untrusted.
Audit Metadata