deployment-engineer
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a vulnerability surface for indirect prompt injection through its automated file generation logic.
  - Ingestion points: The script `scripts/generate_deploy.py` accepts user-supplied strings via command-line arguments (`--name`, `--env`, `--owner`) and interpolates them directly into the output file `deploy-plan.md`.
  - Boundary markers: There are no delimiters or explicit instructions in the generated file to differentiate between data and instructions, making it possible for an attacker to inject headers or commands that the agent might follow.
  - Capability inventory: The skill is granted significant permissions, including `Bash`, `Write`, `Edit`, and `Read` tools, which could be exploited if the agent obeys instructions injected into the generated plan.
  - Sanitization: No sanitization or validation is performed on the input arguments before they are written to the file system.
Audit Metadata