Command Development

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides extensive documentation and examples for executing system commands using the bash execution syntax. Examples in SKILL.md and examples/simple-commands.md include git, npm, kubectl, and the GitHub CLI. This functionality is the primary purpose of the skill and is documented with guidelines on limiting tool scope.
  • [PROMPT_INJECTION]: The skill describes an indirect prompt injection surface where commands ingest user arguments ($1, $ARGUMENTS) and file content (@). Evidence chain: ingestion occurs via positional arguments and file references; boundary markers are optional but supported via conditional logic; capability inventory includes file manipulation and shell command execution across multiple provided examples; sanitization is specifically promoted via the 'Validation Patterns' section, which demonstrates using grep to enforce regex constraints on inputs before processing.
  • [EXTERNAL_DOWNLOADS]: Command examples reference well-known services and tools including the GitHub CLI, npm, and Kubernetes. These references are documented neutrally as standard integrations for development workflows and target trusted organizations and well-known technology services.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 8, 2026, 06:11 AM