bv
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (LOW): This skill parses '.beads/beads.jsonl' to provide task recommendations. Malicious instructions could be placed in bead titles or descriptions by an attacker to manipulate agent logic.
  - Ingestion points: '.beads/beads.jsonl' processed by the 'bv' command.
  - Boundary markers: Structured JSON output is provided via '--robot-*' flags, though field content remains untrusted.
  - Capability inventory: Local execution of 'bv', 'bd', and 'jq' CLI tools.
  - Sanitization: No sanitization of project file content is described in the documentation.
- Command Execution (SAFE): The documented commands are restricted to local analysis of the project dependency graph using the 'bv' utility and do not show signs of malicious command injection.
Audit Metadata