cargo-cli-ai
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the
@cargo-ai/clipackage from the npm registry, which is the official tool for managing Cargo resources. - [COMMAND_EXECUTION]: The skill relies on shell commands using the
cargo-aiCLI to perform administrative tasks such as creating agents, deploying releases, and managing memories. - [DATA_EXFILTRATION]: Provides instructions for uploading local files to the vendor's cloud platform using
cargo-ai ai file uploadto support retrieval-augmented generation (RAG) features. - [CREDENTIALS_UNSAFE]: Explains the authentication process using the
cargo-ai logincommand with a placeholder for the user's API token, following standard security practices for documentation.
Audit Metadata