deployment
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill provides instructions to execute local scripts (`scripts/test-coolify-build.sh`) and build tools (`pnpm`, `npm`) using the `Bash` tool. These commands are integral to the deployment validation process but provide an execution surface for the agent.
- [EXTERNAL_DOWNLOADS] (LOW): The skill references the use of `pnpm install` and `npm run build`, which involve downloading third-party dependencies from external registries. These are standard development operations.
- [DATA_EXFILTRATION] (SAFE): The skill contains hardcoded references to a specific deployment server at `95.217.155.28:8000`. This is used for webhook configuration and monitoring and does not appear to be an exfiltration attempt.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted data from repository files to perform automated validation steps.
  - Ingestion points: Deployment configuration files including `nixpacks.toml`, `package.json`, and `Dockerfile` are read to determine the build plan.
  - Boundary markers: Absent; there are no instructions to ignore instructions embedded within the files being processed.
  - Capability inventory: The skill has access to `Bash`, `Write`, `Edit`, and `Read` tools, which are powerful enough to modify the system or exfiltrate data if the agent is misled.
  - Sanitization: Absent; the skill does not specify any validation or sanitization for the content of the configuration files before they influence the agent's actions.
Audit Metadata