Skills
skills/hkuds/cli-anything/cli-anything-rms/Gen Agent Trust Hub

cli-anything-rms

Pass

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the agent harness from the author's GitHub repository (HKUDS/CLI-Anything) during the installation process.
  • [COMMAND_EXECUTION]: Executes shell commands through the cli-anything-rms tool to manage device configurations, users, and remote access sessions.
  • [PROMPT_INJECTION]: The skill processes data from the external Teltonika RMS API, which represents an indirect prompt injection surface.
  • Ingestion points: Data retrieved from the RMS API through commands in the devices, logs, alerts, and configs groups as defined in SKILL.md.
  • Boundary markers: No delimiters or isolation instructions are present to distinguish API data from agent instructions.
  • Capability inventory: The skill possesses high-impact capabilities including file uploads (files upload), password management (passwords update), and remote session control (remote-access create).
  • Sanitization: No evidence of sanitization or validation of the API-provided content is specified before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 18, 2026, 12:02 PM