glean-cli-tools
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the glean CLI to interact with platform tools. This is a vendor-provided tool from gleanwork intended for platform management.
- [DATA_EXFILTRATION]: No sensitive file access or unauthorized data transfer was found.
- [PROMPT_INJECTION]: The skill accepts JSON data via the --json flag, creating an ingestion surface. 1. Ingestion point: --json flag in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: glean tools run command in SKILL.md. 4. Sanitization: Absent. While these components create a surface for indirect prompt injection, the scope is limited to the vendor-provided CLI environment.
Audit Metadata