cli-expert
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides implementation templates for executing system commands and managing child processes using Node.js
child_process.execSyncandspawn. These are documented as standard patterns for CLI tool development and testing. - [EXTERNAL_DOWNLOADS]: Includes references to several well-known and widely-used npm packages such as
commander,yargs,inquirer, andora. It also provides GitHub Action templates that reference official or well-known actions likeactions/checkoutandactions/setup-node. These references target trusted open-source ecosystems. - [DATA_EXPOSURE]: Describes legitimate methods for accessing platform-specific user configuration directories (e.g.,
~/.config,AppData,Library/Application Support) to store application settings. This is standard behavior for CLI applications and does not involve unauthorized exfiltration. - [PROMPT_INJECTION]: The instructions contain standard role-definition and task-guidance prompts. There are no attempts to bypass safety filters or override core agent instructions.
Audit Metadata