openhue
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
openhueCLI to perform actions such as bridge discovery (openhue discover), setup, and light/scene control (openhue set). These commands are executed in the local shell environment.- [EXTERNAL_DOWNLOADS]: The skill configuration specifies the installation of a third-party Homebrew tap (openhue/cli/openhue-cli) to provide the necessary command-line tools.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it ingests untrusted data from the Hue Bridge environment. - Ingestion points: The skill reads JSON data containing light, room, and scene information (
openhue get light --json). - Capability inventory: The agent can execute shell commands to modify lighting states based on this data.
- Boundary markers: There are no explicit boundary markers or instructions to ignore embedded commands within the processed JSON.
- Sanitization: No sanitization or validation of the Hue Bridge output is defined in the skill documentation.
Audit Metadata