status
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
zerodeployCLI to list deployments and retrieve site statistics. These actions are standard for managing and monitoring the vendor's own service. - [DATA_EXPOSURE]: The skill reads the
zerodeploy.jsonconfiguration file to extract organization and site slugs. This access is restricted to public-facing project identifiers and does not include sensitive system files or private credentials. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it processes and summarizes data from the project configuration and tool outputs. 1. Ingestion points: Data enters the context via the
zerodeploy.jsonfile and the output of thezerodeploycommand. 2. Boundary markers: The instructions do not specify the use of delimiters or 'ignore' markers for the ingested data. 3. Capability inventory: The agent's capabilities are restricted to executing thezerodeploycommand-line utility. 4. Sanitization: No explicit validation or filtering of the ingested data is performed before it is summarized for the user.
Audit Metadata