omni-admin
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
omniCLI to perform administrative operations, including managing users, groups, connections, and permissions. These commands are necessary for the skill's stated purpose and do not show signs of malicious intent. - [EXTERNAL_DOWNLOADS]: The instructions refer to the official Omni CLI repository on GitHub (
github.com/exploreomni/cli) for installation, which is a verified vendor source. - [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection because it processes user-supplied information, such as emails, display names, and document IDs, and interpolates them into CLI commands and JSON request bodies.
- Ingestion points: User input enters the context through prompts for administrative tasks described in
SKILL.md, such as user creation or permission updates. - Boundary markers: No delimiters or boundary markers are used to separate user-provided content from the rest of the command string.
- Capability inventory: The skill is capable of executing administrative commands via the
omniCLI that can alter instance configurations. - Sanitization: There are no specific sanitization or escaping instructions provided for handling external input before it is used in shell commands or JSON structures.
Audit Metadata