Skills
skills/firecrawl/openclaw/blucli/Gen Agent Trust Hub

blucli

Pass

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [UNVERIFIABLE_DEPENDENCIES_AND_REMOTE_CODE_EXECUTION]: The skill configuration specifies the installation of a Go module from a public GitHub repository (github.com/steipete/blucli/cmd/blu@latest). This introduces a dependency on external code that is not from a verified trusted organization.
  • [COMMAND_EXECUTION]: The skill's instructions require the execution of the blu command-line tool, enabling interactions with local hardware devices.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes potentially untrusted output from local network devices via the blu tool. -- Ingestion points: blu devices and blu status outputs in SKILL.md. -- Boundary markers: None present. -- Capability inventory: Command execution via blu in SKILL.md. -- Sanitization: None present.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 18, 2026, 12:42 PM