mcp-deployment
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [CREDENTIALS_UNSAFE] (SAFE): The skill identifies hardcoded credentials as a critical risk in its 'Sharp Edges' documentation and provides regex validations to detect them in user code. No actual secrets are leaked; examples use placeholders.
- [EXTERNAL_DOWNLOADS] (SAFE): Reference patterns utilize standard, trusted Docker images (node:20-slim, redis:7-alpine). No untrusted remote downloads or piped bash scripts are present.
- [COMMAND_EXECUTION] (SAFE): The skill describes Docker commands and shell signals (SIGTERM/SIGINT) strictly for orchestration and lifecycle management purposes. No arbitrary or malicious command execution is present.
- [DATA_EXFILTRATION] (SAFE): Network operations are limited to health checks (localhost) and standard database/cache connections. No sensitive file access or unauthorized network sends are performed.
- [PROMPT_INJECTION] (SAFE): No instructions attempt to bypass agent safety filters, override system prompts, or extract internal instructions.
Audit Metadata