deployment
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a comprehensive guide for DevOps and deployment workflows, adhering to security best practices.
- [CREDENTIALS_UNSAFE]: The instructions explicitly advise against hardcoding secrets in version-controlled files like
render.yaml, recommending the use of platform-specific secret management tools instead. - [PROMPT_INJECTION]: The skill operates on project configuration files (such as
render.yamlandDockerfile), which constitutes a surface for indirect prompt injection. However, the skill provides logical analysis and verification steps without implementing dangerous or automated execution of untrusted instructions found in those files.
Audit Metadata