opencli
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill interacts with and fetches data from well-known services including Bilibili, Twitter, Reddit, and GitHub as part of its core automation functionality.
- [COMMAND_EXECUTION]: The tool executes local adapter scripts defined in TypeScript or YAML to perform web actions. These adapters are stored within the skill's directory and used to interface with specific websites.
- [DYNAMIC_EXECUTION]: It uses
page.evaluateandinstallInterceptorto execute JavaScript and capture network traffic within a browser context. This is the intended primary purpose of the tool for automating interactions with modern web applications. - [PROMPT_INJECTION]: The skill ingests data from external websites (e.g., search results, social media feeds) which provides a surface for indirect prompt injection. However, the tool is designed to return structured data (JSON/Table) to the agent, reducing the risk of accidental instruction obedience.
Audit Metadata