ask-cli
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides a set of commands for interacting with the 'ask' CLI to perform StoreKit operations.
- [CREDENTIALS_UNSAFE]: The skill instructs users on how to configure authentication using sensitive data like issuer IDs and private keys, using environment variable placeholders to ensure security.
- [PROMPT_INJECTION]: The skill defines an attack surface for indirect prompt injection where the agent processes data from external API responses.
- Ingestion points: Output from 'ask products list', 'ask notifications list', and 'ask events list' commands (SKILL.md).
- Boundary markers: No delimiters are specified to separate API data from instructions.
- Capability inventory: The skill can execute various 'ask' CLI commands, including state-changing operations like transaction refunds.
- Sanitization: No sanitization of external API response data is described in the provided instructions.
Audit Metadata