use-railway
Pass
Audited by Gen Agent Trust Hub on Mar 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to download the Railway CLI from official vendor sources, including the
cli.newshortcut and the@railway/clinpm package. - [REMOTE_CODE_EXECUTION]: Installation guidance includes a piped shell script execution pattern (
curl | bash) from a remote URL to facilitate CLI setup. - [DATA_EXFILTRATION]: The API helper script in
scripts/railway-api.shaccesses the Railway authentication token stored in~/.railway/config.jsonto authorize requests to the official Railway GraphQL API. - [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection through the ingestion of untrusted data from Railway community threads (via
station-server.railway.com) and service logs, which are processed without explicit sanitization or boundary markers. - [COMMAND_EXECUTION]: The skill requires broad command execution privileges to interact with the Railway CLI, manage cloud infrastructure, and perform environment configurations.
Audit Metadata