Skills
skills/halo-dev/cli/halo-content/Gen Agent Trust Hub

halo-content

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple subcommands of the halo CLI tool (e.g., halo post, halo single-page) to interact with a Halo CMS instance as described in SKILL.md.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by processing external data from files and raw JSON strings.
  • Ingestion points: External content is loaded via --content-file, --file, and --raw flags in create, update, and import-json commands in SKILL.md.
  • Boundary markers: Absent; content is passed directly to the CLI tool without delimiters or instructions to ignore embedded commands.
  • Capability inventory: The skill performs file reading, file writing via the --output flag, and network communication through the halo CLI tool.
  • Sanitization: Absent; no explicit sanitization or validation of the ingested content is documented in the skill files.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 08:24 AM