Skills
skills/mrgoonie/claudekit-skills/devops/Gen Agent Trust Hub

devops

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection vulnerability surface identified in documentation code examples.
  • Ingestion points: references/browser-rendering.md and references/cloudflare-workers-advanced.md contain TypeScript examples that take URLs from request parameters to fetch external content.
  • Boundary markers: The code snippets lack delimiters or instructions to the LLM to ignore potentially malicious commands embedded in the scraped content.
  • Capability inventory: The skill possesses the ability to execute deployment commands (wrangler), perform AI inference (env.AI.run), and automate browsers (puppeteer).
  • Sanitization: Although the documentation text advises users to validate URLs and sanitize content, the provided examples interpolate untrusted data directly into the LLM context.
  • [COMMAND_EXECUTION] (SAFE): Execution of local CLI tools for deployment purposes.
  • Evidence: The scripts/cloudflare_deploy.py script uses subprocess.run to invoke the wrangler CLI for worker deployment.
  • Context: This is the primary intended function of the DevOps skill. The script follows security best practices by using list-based arguments to prevent shell injection vulnerabilities.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 04:48 PM