Skills
skills/levnikolaevich/claude-code-skills/ln-032-vps-project-runtime/Gen Agent Trust Hub

ln-032-vps-project-runtime

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses Bash and specialized SSH tools (mcp__hex-ssh) to perform administrative tasks on remote servers, such as creating system directories (/etc/ and /var/lib/) and installing systemd services.
  • [EXTERNAL_DOWNLOADS]: The skill clones project repositories from external URLs provided via the ${REPO_URL} variable.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes external repository content while maintaining high privileges.
  • Ingestion points: ${REPO_URL} and ${REPO_REF} inputs (SKILL.md, Phase 2).
  • Boundary markers: Absent.
  • Capability inventory: Remote shell execution (Bash), file system modification on VPS (SSH write/edit tools), and system service management.
  • Sanitization: Not explicitly implemented in the skill instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 08:04 PM