stricli
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The documentation references `@stricli/core` and `@stricli/auto-complete` from the official NPM registry. These packages are maintained by Bloomberg, a well-known and reputable technology organization.
- [COMMAND_EXECUTION]: Example 8 in the documentation demonstrates using Bun's shell execution API (`$`) to wrap existing CLI tools like `git`. This is a standard documentation pattern for CLI wrappers and utilizes Bun's built-in security features for shell argument escaping.
- [PROMPT_INJECTION]: The framework describes building applications that ingest external input via CLI flags and positional arguments, creating a surface for Indirect Prompt Injection. Ingestion points: CLI parameters defined via `buildCommand` in `SKILL.md` and `references/examples.md`. Boundary markers: The framework uses type-safe parsers and enums but does not implement LLM-specific boundary markers. Capability inventory: Documentation examples across several reference files demonstrate capabilities for file system access and shell command execution. Sanitization: Input is validated and transformed via the framework's parsing layer before being processed by application logic.
Audit Metadata