halo-cli-operations
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill documents legitimate usage of the
haloCLI tool for system administration tasks. - [EXTERNAL_DOWNLOADS]: The skill includes commands to install themes and plugins from remote URLs (e.g.,
halo theme install --url). The documentation highlights a safety mechanism where the CLI tool prompts for confirmation for any host other than the official domain (www.halo.run), which helps mitigate risks associated with untrusted sources. - [COMMAND_EXECUTION]: The skill leverages the local
halobinary to perform operations. These are standard management functions for the associated software and are used according to the vendor's intended design. - [DATA_EXFILTRATION]: While the skill includes upload and download capabilities (e.g.,
halo attachment upload,halo backup download), these are directed at the managed CMS environment and do not show signs of unauthorized data exfiltration.
Audit Metadata