computer-fleet
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill attempts to install the 'aicomputer' CLI globally using 'npm install -g' if it is not present on the system.
- [COMMAND_EXECUTION]: The skill heavily utilizes the bash tool to run a variety of 'aicomputer' CLI commands for session management and remote prompting.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes and interacts with output from remote agents. * Ingestion points: Remote agent output and status information are ingested via 'computer agent prompt', 'computer agent watch', and 'computer fleet status' commands as seen in SKILL.md and references/cli-cheatsheet.md. * Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the data received from remote sessions. * Capability inventory: The skill possesses capabilities for local shell execution and remote task delegation. * Sanitization: No sanitization or validation of data from remote agent sessions is documented before processing by the agent.
Audit Metadata