val-town-cli

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [Command Execution] (SAFE): The skill is primarily a reference for executing vt CLI commands to manage serverless functions. These operations are the intended primary purpose.
  • [Indirect Prompt Injection] (LOW): The skill possesses an attack surface where untrusted data could influence agent behavior.
      • Ingestion points: Remote logs via vt tail, external code via vt clone or vt pull, and environment configurations.
      • Boundary markers: None identified. Instructions do not include delimiters or warnings to ignore embedded commands in logs or code files.
      • Capability inventory: Full access to the vt CLI which can push, pull, delete, and modify remote infrastructure.
      • Sanitization: No evidence of output sanitization or validation of the data retrieved from Val Town servers.
  • [Best Practice Violation] (LOW): The skill explicitly documents how to disable safety confirmations via vt config set dangerousOperations.confirmation false. While a legitimate CLI feature, recommending its use to an AI agent increases the risk of unintended destructive actions.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:15 PM