deploy-to-cloud-engine
Pass
Audited by Gen Agent Trust Hub on Jun 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes shell commands including
icpandnpmto manage identities, build project assets, and deploy canisters to the Internet Computer network. - [EXTERNAL_DOWNLOADS]: The skill interacts with external domains such as
opencloud.organdcli.internetcomputer.orgfor authentication and documentation, which are established resources within the vendor's ecosystem. - [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it ingests and processes untrusted data from project files to drive deployment logic. \n
- Ingestion points: Project configuration files (
icp.yaml,canister.yaml) and user-supplied parameters (subnet-id,console-origin). \n - Boundary markers: Absent; the instructions do not implement delimiters to distinguish between system instructions and data from project files. \n
- Capability inventory: The skill can execute arbitrary build scripts defined in recipes (via
npm) and perform network deployments (viaicp). \n - Sanitization: None; the skill lacks validation or escaping for the contents of configuration files before passing them to the CLI tools.
Audit Metadata