server-deploy

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads environment installers and setup scripts from official and well-known providers, including NodeSource (deb.nodesource.com), Rustup (sh.rustup.rs), Docker (get.docker.com), and Go (go.dev). These resources are used to configure the remote server runtime environment and are standard for development tasks.\n- [COMMAND_EXECUTION]: The skill uses SSH and shell commands to perform administrative tasks on the target server, such as system package installation via apt-get, process management using systemd and PM2, and modification of system configuration files for Nginx and UFW firewall rules.\n- [DATA_EXPOSURE]: Accesses the local user's SSH public keys (~/.ssh/id_rsa.pub or ~/.ssh/id_ed25519.pub) to automate the setup of authorized access on the remote host, which is a common and necessary step for server deployment.\n- [INDIRECT_PROMPT_INJECTION]: The skill parses project configuration files (e.g., package.json, requirements.txt, Cargo.toml) to automatically detect project types and configuration settings. While this represents a data ingestion surface from untrusted local files, the usage is confined to deployment parameters.\n
  • Ingestion points: Local project configuration files in the root directory.\n
  • Boundary markers: Not explicitly used during file parsing.\n
  • Capability inventory: Shell command execution and file management on the remote server via SSH.\n
  • Sanitization: No explicit validation of extracted values (like ports or project names) is mentioned, though these are used to construct configuration files.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 03:58 PM
Security Audit — agent-trust-hub — server-deploy