bashly
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
bashlyCLI tool for project initialization and script generation. It also executes the resulting Bash scripts locally to validate their functionality. - [EXTERNAL_DOWNLOADS]: The instructions recommend referencing documentation and examples from
bashly.devand thebashly-framework/bashlyrepository. These are verified official vendor resources. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it generates executable shell scripts based on user descriptions. Maliciously crafted user input could lead to the generation of harmful code that is executed during the script validation phase.
- Ingestion points: User-provided CLI design requirements, command names, and business logic.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are included in the prompt templates.
- Capability inventory: Filesystem access for writing code, execution of the
bashlytool, and execution of shell scripts. - Sanitization: There are no specific instructions for the agent to sanitize or validate user input before incorporating it into scripts.
Audit Metadata