genie-editor-cli-workflow
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation and execution of the
@axhub/geniepackage from the npm registry to provide the necessary CLI functionality.\n- [COMMAND_EXECUTION]: The workflow relies onnpxto execute commands for status monitoring, client discovery, and node state management within the Genie ecosystem.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests design data and notes from the Genie editor service.\n - Ingestion points: Data enters the context via
npx @axhub/genie editor nodes listandnpx @axhub/genie editor snapshotcommands (e.g., inSKILL.md).\n - Boundary markers: There are no explicit delimiters or instructions to ignore potential commands embedded in node labels or design notes.\n
- Capability inventory: The skill utilizes shell command execution, file system access, and network communication via the CLI tool.\n
- Sanitization: Inputs from the design service are processed directly without validation or escaping.
Audit Metadata