Skills
skills/alwaysmeticulous/skills/meticulous-cli-ci/Gen Agent Trust Hub

meticulous-cli-ci

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill describes how to execute local scripts via the --triggerScript parameter and run browser-based tests using ci run-local and ci run-with-tunnel.
  • [DATA_EXPOSURE]: CLI commands utilize an --apiToken for service authentication and can access sensitive local files such as TLS certificates (--localCert) and private keys (--localKey) when configuring tunnels.
  • [DATA_EXPOSURE]: The skill facilitates the transmission of local build artifacts (HTML/JS/CSS) and Docker images to Meticulous infrastructure for cloud-based test execution.
  • [INDIRECT_PROMPT_INJECTION]:
  • Ingestion points: The skill ingests untrusted data via the --appUrl and --triggerScript parameters in the SKILL.md file.
  • Boundary markers: No specific delimiters or safety instructions are defined for processing these external inputs.
  • Capability inventory: The skill can execute local scripts, launch browser instances (Puppeteer), and open network tunnels to local ports.
  • Sanitization: No input validation or sanitization logic is described in the markdown interface.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 16, 2026, 05:39 PM