stream-cli

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE [REMOTE_CODE_EXECUTION] [EXTERNAL_DOWNLOADS] [PROMPT_INJECTION]
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill automates the installation of the official Stream CLI by fetching and executing a bash script from the vendor's verified domain (https://getstream.io/cli/install.sh). This follows standard distribution practices for developer tooling and is performed with explicit user approval.
  • [EXTERNAL_DOWNLOADS]: The skill manages dependencies by downloading peer skill components from the vendor's official skill repository using the npx skills add command.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from the Stream API which presents a surface for indirect prompt injection.
      • Ingestion points: API response data retrieved via stream api commands in SKILL.md.
      • Boundary markers: No specific delimiters or "ignore instructions" directives are used when processing API outputs.
      • Capability inventory: The skill's environment includes shell execution (Bash), system information access (uname), and network capabilities (curl).
      • Sanitization: No explicit sanitization or filtering of API response content is performed before the agent summarizes the data for the user.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 7, 2026, 04:46 PM