Skills
skills/getcargohq/cargo-skills/cargo-cli-connection/Gen Agent Trust Hub

cargo-cli-connection

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the @cargo-ai/cli package from the npm registry. This is a vendor-provided tool necessary for the skill's primary functionality and its download is considered standard practice for this toolset.
  • [COMMAND_EXECUTION]: The skill operates by executing cargo-ai CLI commands to list, create, and manage connectors and integrations. These commands are executed locally by the agent to perform administrative tasks within the Cargo ecosystem.
  • [CREDENTIALS_UNSAFE]: The documentation provides instructions for logging in using an API token via the command cargo-ai login --token <your-api-token>. The use of bracketed placeholders like <your-api-token> is a safe way to guide users to provide their own credentials without hardcoding secrets.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 30, 2026, 05:20 PM