deployment-configs
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- [SAFE] (SAFE): The skill provides standard, high-quality infrastructure-as-code templates for Celery. Kubernetes manifests correctly implement security contexts like runAsNonRoot and runAsUser, and define resource limits to prevent denial-of-service through resource exhaustion.
- [CREDENTIALS_UNSAFE] (SAFE): The deployment orchestrator (deploy.sh) includes a built-in security validation step that scans the project for hardcoded secrets, specifically looking for Anthropic API key patterns (sk-ant-api), and halts deployment if any are detected.
- [COMMAND_EXECUTION] (SAFE): While the scripts execute shell commands, they are restricted to standard system administration tasks (e.g., kubectl apply, systemctl start) required for its primary purpose as a deployment tool.
- [DATA_EXFILTRATION] (SAFE): Scanner alerts for '1.se' and 'logger.info' were evaluated as false positives. 'logger.info' is a standard software logging method, and '1.se' appears to be a result of the automated scanner misinterpreting shell command fragments or version numbers in the script files.
Recommendations
- Contains 2 malicious URL(s) - DO NOT USE
Audit Metadata