Skills
skills/dumplingai/cli/dumplingai-cli/Gen Agent Trust Hub

dumplingai-cli

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the dumplingai-cli tool globally via npm, pnpm, or yarn. This is a vendor-owned package used to facilitate the skill's primary functions.
  • [COMMAND_EXECUTION]: The skill uses the dumplingai command for platform operations such as catalog search, catalog details, and run. It also suggests adding the npm global bin directory to the system PATH via shell profiles (e.g., .bashrc, .zshrc) to ensure the CLI tool is executable.
  • [PROMPT_INJECTION]: The skill processes potentially untrusted data from web scrapes and transcripts, creating a surface for indirect prompt injection.
  • Ingestion points: Data returned by dumplingai run and stored in the .dumplingai/ directory (SKILL.md, rules/safety.md).
  • Boundary markers: The rules/safety.md file explicitly instructs the agent to treat fetched content as untrusted and not as executable instructions.
  • Capability inventory: The skill can execute CLI commands and write/read files in the .dumplingai/ directory (SKILL.md).
  • Sanitization: Guidelines in rules/safety.md mandate analyzing content as text only and avoiding the execution of embedded code unless explicitly requested by the user.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 13, 2026, 04:12 PM