fly-io

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill instructs the agent to download and execute the official Fly.io installation script from https://fly.io/install.sh. This is a routine procedure for installing the platform's CLI tool and originates from a well-known service provider.
  • [EXTERNAL_DOWNLOADS]: Fetches the flyctl installer and references official documentation and templates from Fly.io infrastructure.
  • [COMMAND_EXECUTION]: Uses the Bash tool to run flyctl for deployment orchestration, openssl for environment variable encryption, and standard PostgreSQL utilities for database operations.
  • [PROMPT_INJECTION]: The skill manages deployments by reading local configuration files such as fly.toml, package.json, and .env, which constitutes a surface for indirect prompt injection.
      • Ingestion points: Local project files referenced in SKILL.md and examples.md (e.g., fly.toml, .env).
      • Boundary markers: No delimiters or ignore instructions are provided for processed configuration data.
      • Capability inventory: Significant capabilities, including shell execution (Bash) and file modification (Write, Edit).
      • Sanitization: No input validation or sanitization is performed on the content of ingested configuration files.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 22, 2026, 03:49 PM