Skills
skills/zeabur/zeabur-claude-plugin/zeabur-file/Gen Agent Trust Hub

zeabur-file

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses npx zeabur@latest to download and run the Zeabur CLI from the NPM registry. This vendor-provided tool is used to pull user-uploaded project files for analysis.
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands such as ls, cat, and find to explore the structure and read the contents of the pulled project files in the /tmp/project directory.
  • [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by processing untrusted data from project uploads. Ingestion points: Content is pulled from a remote source into a local temporary directory via the Zeabur CLI. Boundary markers: The instructions do not define delimiters or specific warnings to ignore embedded instructions within the project files. Capability inventory: The agent has access to file reading and shell execution tools to process the data. Sanitization: No sanitization or validation is applied to the retrieved content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 08:24 PM
Security Audit — agent-trust-hub — zeabur-file