deploy
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): Indirect Prompt Injection Surface. The skill is designed to handle 'deploy and fix' scenarios where the agent may ingest untrusted data from local project files or build logs. 1. Ingestion points: Local project directory files and stdout/stderr from railway up --ci as described in SKILL.md. 2. Boundary markers: Absent. The instructions do not provide delimiters or warnings for processing the content of logs or project files. 3. Capability inventory: Execution of railway commands via Bash(railway:*) and suggested use of other configuration skills (environment, deployment). 4. Sanitization: Absent. The agent is encouraged to analyze build logs directly to fix issues without specific safety constraints.
Audit Metadata