Command Development
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill provides documentation on creating commands that ingest external data through arguments and file references.
  - Ingestion Points: Positional arguments ($1, $2) and file inclusion (@path) are demonstrated in multiple examples in simple-commands.md.
  - Boundary Markers: While templates lack explicit runtime delimiters, the documentation emphasizes the use of argument-hint for structure.
  - Capability Inventory: Examples demonstrate restricted bash tool usage (git, npm, kubectl) rather than broad access.
  - Sanitization: The reference guide recommends using the most restrictive allowed-tools settings and provides a manual-approval flag (disable-model-invocation) for destructive or sensitive operations.
Audit Metadata