blucli
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill metadata initiates an installation of the
bluutility from a third-party repository (github.com/steipete/blucli/cmd/blu@latest) using the Go module system. - [COMMAND_EXECUTION]: The agent is instructed to execute the
blucommand-line utility with various arguments to manage audio playback, device grouping, and volume settings. - [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data from local network devices. 1. Ingestion points: Data enters the agent context through the output of
blu devices,blu status, andblu tunein searchcommands. 2. Boundary markers: No markers or explicit instructions are provided to the agent to ignore instructions embedded in the tool output. 3. Capability inventory: The agent has the capability to execute system commands through theblutool. 4. Sanitization: There is no evidence of data sanitization or validation for the content returned by the hardware.
Audit Metadata