rails-deployment
Warn
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: MEDIUMCREDENTIALS_UNSAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill involves the management of highly sensitive files such as
config/credentials/production.keyand environment files (.env). It also displays example credential patterns for services like Stripe and AWS in the documentation.\n- [COMMAND_EXECUTION]: The skill requires theBashtool to execute server management and deployment commands, includingkamal setup,kamal deploy, andkamal app exec.\n- [EXTERNAL_DOWNLOADS]: The skill installs thekamaltool from RubyGems and fetches system dependencies from official Debian/Ubuntu repositories during the container build process.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to the handling of potentially untrusted input.\n - Ingestion points: Reads application source code, environment configurations, and runtime logs via
kamal app logs.\n - Boundary markers: No delimiters are present to distinguish untrusted data from instructions.\n
- Capability inventory: The agent has access to
Bash,Write, andEdittools.\n - Sanitization: No explicit sanitization or validation of ingested content is performed.
Audit Metadata