zeabur-service-exec
Warn
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of arbitrary shell commands inside remote service containers via the Zeabur CLI's
service execfunctionality. - [EXTERNAL_DOWNLOADS]: Instructs the agent to fetch and execute the latest version of the Zeabur CLI from the npm registry using
npx zeabur@latestat runtime. - [CREDENTIALS_UNSAFE]: Provides explicit instructions for accessing sensitive production information, including the display of all environment variables (
env), database passwords ($MYSQL_ROOT_PASSWORD), and application configuration files (cat /app/config.json). - [DATA_EXFILTRATION]: Enables the inspection and potential extraction of production database contents and secrets by providing shell access to service environments.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by interpolating user-provided instructions directly into shell commands without verification or sanitization. (Ingestion points: User-supplied command arguments in SKILL.md; Boundary markers: Absent; Capability inventory: Arbitrary shell execution inside service containers; Sanitization: Absent).
Audit Metadata