eightctl
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill configuration defines an installation step that downloads source code from a third-party repository on GitHub (github.com/steipete/eightctl/cmd/eightctl).
- [REMOTE_CODE_EXECUTION]: The installation process uses the Go toolchain to fetch and compile a binary from a remote source at runtime, which makes the external dependency a code execution vector.
- [COMMAND_EXECUTION]: The skill relies on executing the 'eightctl' binary to manage device states, schedules, and local configuration files stored in the user's home directory (~/.config/eightctl/).
- [PROMPT_INJECTION]: The skill processes data returned from the Eight Sleep API, creating a surface for indirect prompt injection if the API provides untrusted or maliciously crafted content.
  - Ingestion points: Command outputs from 'eightctl status', 'alarm list', and 'schedule list' are ingested into the agent's context (SKILL.md).
  - Boundary markers: No specific delimiters or safety instructions are provided to the agent to differentiate between the tool's output and its internal logic.
  - Capability inventory: The skill has the capability to run system commands ('eightctl') and perform network requests to external APIs (SKILL.md).
  - Sanitization: There is no indication of sanitization, filtering, or validation of the data retrieved from the Eight Sleep service before it is presented to the LLM.
Audit Metadata