mcloud-deployments

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses mcloud, which is the official CLI tool for Medusa Cloud. All operations are within the expected scope of cloud deployment management.
  • [COMMAND_EXECUTION]: The skill utilizes mcloud deployments and jq commands to retrieve and parse deployment data. This functionality is consistent with the skill's stated purpose and adheres to the principle of least privilege through restricted tool definitions.
  • [PROMPT_INJECTION]: The audit identifies a surface for potential indirect prompt injection, because the skill processes external build logs and deployment metadata that it does not control.
      ◦ Ingestion points: External data enters the agent context via mcloud deployments list, mcloud deployments get, and mcloud deployments build-logs, as invoked in SKILL.md.
      ◦ Boundary markers: No explicit delimiters or boundary markers are defined to isolate untrusted build log content from the agent's internal instructions.
      ◦ Capability inventory: The skill permits execution of Bash(mcloud deployments*) and Bash(jq*) commands.
      ◦ Sanitization: No sanitization, escaping, or filtering is applied to external data before it is presented to the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: May 15, 2026, 01:14 PM