appdeploy
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses `curl` commands to interact with the AppDeploy API for service registration and managing application deployments.
- [DATA_EXFILTRATION]: The skill is designed to transmit project source code and configuration files to the external domain `api-v2.appdeploy.ai`. This data transfer is the intended core functionality for the hosting service.
- [CREDENTIALS_UNSAFE]: Authentication is managed via an API key stored in a local `.appdeploy` configuration file. The skill provides instructions for users to add this file to `.gitignore` to prevent accidental credential leakage to version control.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface through the `get_deploy_instructions` tool, which fetches instructions from a remote API that the agent is directed to follow before generating code.
  - Ingestion points: Remote instructions from `get_deploy_instructions` and file content retrieved via `src_read` and `src_grep`.
  - Boundary markers: Absent; there are no explicit delimiters or instructions to ignore potential commands within the data received from the API.
  - Capability inventory: The agent has access to filesystem operations and shell command execution via `curl`.
  - Sanitization: No validation or sanitization of the content returned from the remote API is performed before it is processed by the agent.
Audit Metadata