agently-tools
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: Describes the built-in
Cmdtool inreferences/builtin-tools.mdwhich allows local shell command execution with security controls such asallowed_cmd_prefixesandallowed_workdir_roots. - [EXTERNAL_DOWNLOADS]: References the Agently Python framework and third-party libraries like
playwrightandpyautoguiinreferences/builtin-tools.md. All source links inreferences/source-map.mdpoint to the officialAgentEraGitHub organization. - [DATA_EXFILTRATION]: Documents
SearchandBrowsetools inreferences/builtin-tools.mdthat perform network operations for information retrieval as part of their documented features. - [PROMPT_INJECTION]: Identifies an indirect prompt injection surface in
references/builtin-tools.md. 1. Ingestion points:SearchandBrowsetools retrieve external data. 2. Boundary markers: Not explicitly mentioned for tool result injection. 3. Capability inventory: Includes shell execution viaCmdand network access. 4. Sanitization: Usesallowed_cmd_prefixesfor command validation.
Audit Metadata