fizzy
Pass
Audited by Gen Agent Trust Hub on May 2, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the
fizzyCLI to perform a wide range of actions including board management, card manipulation, and user administration. - [PROMPT_INJECTION]: As the skill retrieves and displays user-generated content (card titles, descriptions, and comments) from the Fizzy service, it possesses a standard surface for indirect prompt injection. This is inherent to the functionality of project management tools.
- [SAFE]: The skill provides specific instructions for the agent to handle session tokens by writing them to temporary files with restricted permissions (
chmod 600), demonstrating a security-aware approach to credential management within the agent's environment.
Audit Metadata