Skills
skills/zeabur/zeabur-claude-plugin/zeabur-update-service/Gen Agent Trust Hub

zeabur-update-service

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides instructions for executing shell commands using the Zeabur CLI to list services, manage environment variables, and restart services.
  • [EXTERNAL_DOWNLOADS]: It instructs the agent to download and run the latest version of the "zeabur" package from the NPM registry using "npx". This is the vendor's standard tool and is considered safe within this context.
  • [PROMPT_INJECTION]: The skill facilitates an indirect prompt injection surface by interpolating user-provided parameters directly into shell commands. 1. Ingestion points: User-supplied parameters for service IDs, tags, and environment variables in SKILL.md. 2. Boundary markers: None. 3. Capability inventory: Shell command execution via npx. 4. Sanitization: None.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 07:11 AM