deployment-rollback

Warn

Audited by Socket on Feb 21, 2026

1 alert found:

Security: MEDIUM
SKILL.md

[Skill Scanner] Backtick command substitution detected

The improved review concludes that this is a feature-rich yet risk-prone deployment rollback tool. It is not malicious by design but requires significant hardening before safe public use: secret redaction, restricted IO, auditable and scoped privileges, deterministic CLI versions, and secure checkpoint handling. Consider delivering it as an internal, tightly-scoped utility with explicit provenance and robust access controls rather than a general-purpose public package.

LLM verification: This skill appears functionally legitimate for its stated purpose (deployment rollback across multiple platforms). It does not contain obvious remote exfiltration, obfuscated code, or direct malicious payloads. However, it performs many high-privilege operations and writes sensitive data (environment variables, DB schema, logs, cluster configs) to local checkpoint/cache files without encryption or explicit guidance to secure them or exclude them from source control. That creates a real risk of creden

Confidence: 75%
Severity: 75%
Audit Metadata
Analyzed At
Feb 21, 2026, 12:27 PM
Package URL
pkg:socket/skills-sh/manastalukdar%2Fclaude-devstudio%2Fdeployment-rollback%2F@ea7a47e6f04676236786375975765f9a07a43fc1