Skills
skills/aradotso/trending-skills/cli-to-js-api-wrapper/Gen Agent Trust Hub

cli-to-js-api-wrapper

Warn

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTIONREMOTE_CODE_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill's primary purpose is to spawn and interact with arbitrary system binaries like git, npm, and docker. It provides methods like spawnCommand and convertCliToJs that execute shell commands based on programmatically generated strings.
  • [EXTERNAL_DOWNLOADS]: The documentation instructs users to install the cli-to-js package from the NPM registry and utilizes npx to execute remote code for generating TypeScript wrappers.
  • [DATA_EXFILTRATION]: The API allows for the configuration of environment variables (env) and working directories (cwd) for command execution. This allows an agent to access potentially sensitive environment data and file system paths.
  • [PROMPT_INJECTION]: The tool parses untrusted output from CLI help commands to dynamically build its API schema, creating a surface for indirect prompt injection. * Ingestion points: convertCliToJs reads binary help output; fromHelpText reads string inputs. * Boundary markers: Absent for the ingestion of CLI output. * Capability inventory: spawnCommand, exec, and file-writing via npx code generation. * Sanitization: Absent for parsed CLI output; input validation for flags is provided but not for the schema source itself.
  • [REMOTE_CODE_EXECUTION]: The npx command and the ability to execute dynamically specified binaries constitute a remote and local code execution surface.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Apr 14, 2026, 01:41 AM