deploy
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes system commands including `pc` (Pipecat CLI), `docker`, and `uv`. It utilizes shell piping (yes |) to automate interactive prompts during the Docker build and agent deployment processes.
- [CREDENTIALS_UNSAFE]: The skill accesses local `.env` files to upload secrets to the vendor's cloud service via the `pc cloud secrets set` command. It also handles the authentication flow by capturing and parsing login URLs and six-digit codes from the CLI's background output.
- [EXTERNAL_DOWNLOADS]: The skill directs the user to install the vendor's CLI tool (`pipecat-ai-cli`) using the `uv` package manager if the tool is not already present on the system.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing external configuration data from `pcc-deploy.toml` and `.env` files which are interpolated into shell commands.
  - Ingestion points: Reads and parses `pcc-deploy.toml` and `.env` files from the local filesystem (SKILL.md).
  - Boundary markers: None; the skill does not use specific delimiters or instructions to ignore embedded commands in the config files.
  - Capability inventory: Full subprocess execution capabilities for `pc`, `docker`, and `uv` (SKILL.md).
  - Sanitization: None; values from the configuration files are passed directly to the CLI tools.
Audit Metadata