deploy
Fail
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: HIGHCOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to run a variety of shell commands across multiple platforms and tools, including
npm,bun,docker,vercel,serverless, and theawsandghCLIs. This extensive command execution capability is used for building, testing, and deploying applications. - [CREDENTIALS_UNSAFE]: The deployment workflow explicitly instructs the agent to 'Check for AWS configs' and 'Review .env.example' to discover deployment platforms and environment requirements. Accessing configuration files such as
~/.aws/configor~/.aws/credentialsinvolves sensitive file paths that store authentication secrets. - [PROMPT_INJECTION]: The skill demonstrates a surface for indirect prompt injection because it performs 'Project Context Discovery' by reading local files like
package.json,next.config.js, andvercel.json. If an attacker provides a repository with malicious instructions embedded in these project files or script definitions, the agent might execute unauthorized commands or exfiltrate data while attempting to run legitimate deployment tasks.
Recommendations
- AI detected serious security threats
Audit Metadata