cli
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the use of powerful CLI tools for file system search and manipulation, such as sd, comby, and ast-grep for in-place code rewrites.
- [EXTERNAL_DOWNLOADS]: The skill provides instructions for using wget to fetch content from remote URLs, which can be used to ingest external data into the agent's workflow.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface.
- Ingestion points: Content read from the local file system using search tools (rg, fd, ast-grep, etc.) and data fetched from remote URLs via wget.
- Boundary markers: The instructions do not define specific delimiters or instructions for the agent to treat the output of these tools as untrusted, increasing the risk of instruction override.
- Capability inventory: The skill allows the agent to modify files (sd, comby, ast-grep, yq -i) and perform network operations (wget).
- Sanitization: No validation, escaping, or filtering of the content processed by the CLI tools is specified in the skill's instructions.
Audit Metadata