cml-admin
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references the
cml-mcppackage to be installed via pip, which is the expected driver for the CML administration tools provided by the author. - [CREDENTIALS_UNSAFE]: Security best practices are followed by using environment variables (
CML_URL,CML_USERNAME,CML_PASSWORD) for server authentication rather than hardcoding sensitive information. - [PROMPT_INJECTION]: The skill includes safety instructions for the agent, specifically directing it never to share passwords in communication channels (e.g., Slack), which mitigates accidental credential disclosure.
- [DATA_EXFILTRATION]: No suspicious network activity or patterns indicating unauthorized data transfer were found; all operations are directed at the configured CML server.
Audit Metadata