droid-cli
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The instructions describe launching shell shims and executing background processes through tools like `tctl` and `bun` for managing development checkouts. These operations are standard and necessary for the tool's described functionality as a development orchestrator.
- [PROMPT_INJECTION]: The skill defines features for processing external source code during review sessions and file suggestions, creating a potential surface for indirect prompt injection.
  - Ingestion points: reads repository files and terminal output (SKILL.md).
  - Boundary markers: utilizes isolated shells via `bash -lc` to maintain context.
  - Capability inventory: allows subprocess execution through exec and bash modes.
  - Sanitization: no specific content filtering is described in the documentation.
Audit Metadata