using-cli-tools
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill documents the use of standard development and cloud CLIs (Git, AWS, Supabase, Vercel, etc.) for legitimate administrative and deployment tasks.
- [EXTERNAL_DOWNLOADS] (SAFE): References to package managers and execution tools (npx, bunx) are limited to well-known, trusted tools like Prisma, Drizzle, and Turborepo.
- [DATA_EXFILTRATION] (SAFE): While the skill includes commands that manage secrets and environment variables, it does so through official provider CLIs and does not include any logic to send data to untrusted external endpoints.
- [CREDENTIALS_UNSAFE] (SAFE): The skill mentions commands for managing secrets and parameters (e.g., AWS Secrets Manager, Vercel env, Fly secrets). These are placeholders for legitimate secret management and do not contain hardcoded credentials or malicious extraction logic.
Audit Metadata