Skills
skills/dl-alexandre/skills/usm-cli/Gen Agent Trust Hub

usm-cli

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to download a binary from the author's GitHub repository at https://github.com/dl-alexandre/UniFi-Site-Manager-CLI/releases/latest/download/usm-darwin-arm64.
  • [REMOTE_CODE_EXECUTION]: The manual installation steps involve downloading a remote binary, making it executable, and moving it to a system path (curl -L [URL] -o usm; chmod +x usm; sudo mv usm /usr/local/bin/).
  • [COMMAND_EXECUTION]: The skill instructions require the use of elevated privileges (sudo) to install the downloaded binary into a protected system directory.
  • [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection by processing external data from a remote API.
  • Ingestion points: Data enters the agent context from the UniFi Site Manager API (api.ui.com) via the usm sites list and usm sites get commands as documented in SKILL.md.
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore or isolate potential commands embedded within the API responses.
  • Capability inventory: The agent executes the usm CLI tool which interacts with both the local filesystem (configuration) and network APIs.
  • Sanitization: There is no evidence of sanitization or validation of the data fetched from the external API before it is presented to or processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 03:37 PM