railway
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for executing arbitrary commands using 'railway run ' and accessing interactive environments via 'railway shell'. These are standard administrative features of the Railway platform for managing deployments.
- [EXTERNAL_DOWNLOADS]: The documentation guides users to install the Railway CLI via 'npm install -g @railway/cli'. This is the official tool for a well-known deployment service.
- [PROMPT_INJECTION]: The skill facilitates the deployment of applications by reading local project configuration files (e.g., package.json, requirements.txt, Dockerfile). These files could potentially contain malicious instructions if they originate from an untrusted source, which could then be executed by the platform during build or runtime.
- Ingestion points: Local project configuration files (identified in SKILL.md).
- Boundary markers: None present.
- Capability inventory: Arbitrary command execution via 'railway run' and 'railway shell', and deployment via 'railway up'.
- Sanitization: No sanitization of external project file content is described.
Audit Metadata