Security risk report for @forgecat/openai_skills_netlify-deploy v0.0.10
Source Integrity
Low
Profile is sourced from OpenAI's official skills repository (github.com/openai/skills) with clear attribution and commit hash.
Metadata indicates legitimate origin (Apache-2.0 license, tested on Claude Code/Cursor/Codex platforms).
No suspicious or obfuscated source indicators detected.
Agent Intent
Low
Content describes legitimate Netlify CLI workflows (login, link, deploy) without injecting hidden instructions or role hijacking.
No directives to read sensitive files (~/.ssh, ~/.aws, .env), exfiltrate data, or reveal system prompts.
Documentation is educational and procedural; it guides the agent through standard deployment steps without poisoning guidance or weakening security defaults.
Details
Evidence
Authentication section explicitly recommends browser OAuth and secure token generation via official Netlify dashboard.
Environment variables section states 'Never commit secrets to Git' and directs users to set them in Netlify dashboard.
All CLI commands are standard, documented Netlify operations with no obfuscated or malicious payloads.
Permissions
Low
Profile declares no tools or MCP servers; it is purely instructional documentation for the Netlify CLI.
Guidance assumes the agent will invoke `npx netlify` commands, which are legitimate package manager operations scoped to Netlify's official CLI.
No file_write, file_delete, shell, or other high-risk categories are declared or implied beyond standard npm/npx execution.
Details
Evidence
No tool definitions or MCP server configurations present in the profile.
All commands are read-only status checks or standard Netlify CLI operations (login, deploy, link).
Network access is limited to Netlify's official services and user's Git repository.
MCP Risk
Low
No MCP servers are defined in this profile.
Profile relies entirely on the Netlify CLI (npx netlify), which is a well-known, publicly maintained package from Netlify.
No hidden instructions, arbitrary binary execution, or unrestricted filesystem/network access is introduced.
Details
Evidence
MCP servers section is empty.
All external interactions are through official Netlify CLI and standard Git operations.