dataapp-deployment
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill describes legitimate patterns for configuring Nginx, Supervisord, and application environments within the Keboola platform. All external resource references are consistent with the vendor's own infrastructure and standard development tools.
- [COMMAND_EXECUTION]: The skill provides instructions for generating and running shell scripts (setup.sh) and configuring process managers (Supervisord) to execute application commands. These actions are necessary for the skill's primary function of application deployment.
- [EXTERNAL_DOWNLOADS]: Documents the use of standard package managers like uv and npm to install dependencies from official public registries, which is a required step for setting up the application environment.
- [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection as it facilitates generating configurations based on user-provided application data. 1. Ingestion points: User instructions for application specifications and dependency lists. 2. Boundary markers: Absent in provided templates. 3. Capability inventory: Shell script execution (setup.sh) and process management. 4. Sanitization: No explicit sanitization of user-provided strings is documented in the generation process.
Audit Metadata