writing-cli-skills
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill contains example commands such as
brew install,sudo apt install, andln -sfor symlinking. These are identified as benign documentation examples using placeholder names liketool-nameormy-tool. They are intended to show the user or agent how to structure installation and usage instructions in a new skill. - [CREDENTIALS_UNSAFE] (SAFE): The
references/template.mdfile contains a placeholder for an environment variable (TOOL_API_KEY="your-key"). This is a standard documentation practice and does not involve hardcoded secrets. - [DATA_EXFILTRATION] (SAFE): While the documentation mentions accessing config directories (~/.config), there are no patterns indicating the unauthorized transmission of data to external domains.
- [PROMPT_INJECTION] (SAFE): No instructions designed to override the agent's safety guardrails or system instructions were found. The instructional language used is appropriate for a tutorial or guide.
Audit Metadata