deploy-pipeline

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFE
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: Fetches and executes the official installation script for the Composio CLI from the vendor's domain (https://composio.dev/install) using a piped bash command.
  • [COMMAND_EXECUTION]: Instructs the agent to perform multiple shell-based operations including CLI authentication (composio login), tool integration (composio link), and execution of specialized deployment tasks (composio execute) involving external service APIs.
  • [PROMPT_INJECTION]: The skill processes untrusted data which presents a surface for indirect prompt injection:
      • Ingestion points: User-supplied arguments such as the --ref flag in scripts/ship.ts and arbitrary SQL query strings in the SUPABASE_RUN_SQL_QUERY data blocks.
      • Boundary markers: Absent; JSON payloads and CLI arguments do not use specific delimiters or instructions to ignore embedded commands.
      • Capability inventory: Includes composio execute (network API calls), composio run (local script execution), and curl (external network requests).
      • Sanitization: No explicit validation or sanitization of input strings is performed before they are incorporated into command payloads.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Apr 24, 2026, 07:30 PM