sealos-deploy
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local system commands through
docker,kubectl,gh, andgitto manage the deployment lifecycle. It implements a strict safety policy requiring user confirmation before installing missing tools or deleting resources. - [EXTERNAL_DOWNLOADS]: In fallback scenarios on Linux, the skill provides instructions to download and execute the official Docker installation script from
get.docker.com, which is a well-known and trusted source for container infrastructure. - [DATA_EXFILTRATION]: To authorize cloud operations, the skill reads the local
kubeconfigand transmits it to the Sealos Template API. This behavior is restricted to the platform's official domains and is a necessary function for the automated deployment service. - [PROMPT_INJECTION]: The skill analyzes untrusted content from user-provided GitHub repositories (READMEs and configuration files) to determine deployment parameters. This surface for indirect prompt injection is mitigated by the skill's interactive configuration phase, which ensures user review of all environment variables and deployment settings before rollout.
Audit Metadata