skills/joelhooks/joelclaw/cli-design/Gen Agent Trust Hub

cli-design

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill defines a HATEOAS pattern where CLI outputs suggest 'next_actions' for the agent to execute. This creates a surface for instructions embedded in data to influence agent behavior.
      • Ingestion points: CLI JSON responses parsed by the agent (defined in SKILL.md).
      • Boundary markers: None specified in the architectural guidelines.
      • Capability inventory: Describes executing system tools like kubectl, joelclaw, and bun.
      • Sanitization: Not explicitly addressed in the design patterns.
  • [COMMAND_EXECUTION]: The skill instructs on the creation of CLI tools that perform system operations. These capabilities are consistent with the skill's purpose as a development guide for administrative tools.
  • [SAFE]: Analysis reveals no evidence of credential harvesting, unauthorized data exfiltration, or malicious persistence mechanisms.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 28, 2026, 12:10 PM