Skills
skills/joeseesun/opencli-skill/qiaomu-opencli-oneshot/Gen Agent Trust Hub

qiaomu-opencli-oneshot

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFEDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires the execution of local development commands like npm run build and opencli to compile and verify newly generated CLI adapters.
  • [DYNAMIC_EXECUTION]: The skill's core functionality is the generation and execution of TypeScript code based on provided templates for various authentication strategies.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: To enable authenticated API calls in generated adapters, the skill instructs the agent to extract session data such as browser cookies and CSRF tokens (e.g., Twitter's ct0 token). This data is used locally within the generated scripts to replicate authenticated requests.
  • [CREDENTIALS_UNSAFE]: The template for Twitter integration includes a hardcoded Bearer token. This is a publicly known token used by the Twitter web application for guest access to its GraphQL API and is provided as boilerplate for the template.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes content from arbitrary user-provided URLs.
  • Ingestion points: browser_navigate in SKILL.md.
  • Boundary markers: Absent.
  • Capability inventory: browser_evaluate, file system writes, and command execution (npm, opencli).
  • Sanitization: Absent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 12:37 PM