Skills
skills/zeabur/zeabur-claude-plugin/zeabur-service-delete/Gen Agent Trust Hub

zeabur-service-delete

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill directs the AI agent to execute system commands via the Zeabur CLI for service listing and deletion tasks.
  • [EXTERNAL_DOWNLOADS]: The skill uses npx zeabur@latest, which involves downloading and executing the latest version of the Zeabur CLI package from the public NPM registry at runtime.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the interpolation of user-supplied data into shell commands.
  • Ingestion points: The <service-id>, <service-name>, and <project-id> parameters enter the agent's context through user input defined in SKILL.md.
  • Boundary markers: No delimiters or safety warnings are present to prevent embedded instructions in these fields from influencing the command line.
  • Capability inventory: The skill has the capability to execute arbitrary subprocesses via the bash examples provided in SKILL.md.
  • Sanitization: No specific sanitization, escaping, or validation logic is defined to protect the shell command strings from maliciously crafted identifiers.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 14, 2026, 11:48 PM