preview-environments-builder
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHREMOTE_CODE_EXECUTIONDATA_EXFILTRATIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- REMOTE_CODE_EXECUTION (HIGH): The suggested workflows execute 'npm run build' and 'docker build' on code originating from untrusted 'pull_request' events. An external contributor can modify the repository's build scripts to execute arbitrary malicious code on the runner.
- DATA_EXFILTRATION (HIGH): Workflows triggered by untrusted pull requests are granted access to high-value secrets, including 'VERCEL_TOKEN' and 'PREVIEW_DB_URL'. Attackers can utilize build-time RCE to exfiltrate these credentials via network requests.
- EXTERNAL_DOWNLOADS (MEDIUM): The skill utilizes 'amondnet/vercel-action@v25', a third-party GitHub Action from an untrusted source. This introduces a supply-chain risk as the action is not from a verified organization and could be compromised.
- COMMAND_EXECUTION (MEDIUM): The workflow performs privileged operations like 'kubectl create namespace' and 'psql' database creation. In a compromised CI environment where untrusted code has already executed, these capabilities significantly increase the blast radius of an attack.
Recommendations
- AI detected serious security threats
Audit Metadata