deploy-to-cloud-engine

Pass

Audited by Gen Agent Trust Hub on Jun 28, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell commands including icp and npm to manage identities, build project assets, and deploy canisters to the Internet Computer network.
  • [EXTERNAL_DOWNLOADS]: The skill interacts with external domains such as opencloud.org and cli.internetcomputer.org for authentication and documentation, which are established resources within the vendor's ecosystem.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it ingests and processes untrusted data from project files to drive deployment logic. \n
  • Ingestion points: Project configuration files (icp.yaml, canister.yaml) and user-supplied parameters (subnet-id, console-origin). \n
  • Boundary markers: Absent; the instructions do not implement delimiters to distinguish between system instructions and data from project files. \n
  • Capability inventory: The skill can execute arbitrary build scripts defined in recipes (via npm) and perform network deployments (via icp). \n
  • Sanitization: None; the skill lacks validation or escaping for the contents of configuration files before passing them to the CLI tools.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 28, 2026, 03:44 AM
Security Audit — agent-trust-hub — deploy-to-cloud-engine