hive
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the
hiveCLI tool directly from the author's official GitHub repository (notdp/hive) usingpipx install. This is a vendor-provided dependency necessary for the skill's inter-agent communication functions. - [COMMAND_EXECUTION]: The skill uses various
hivesubcommands to interact with the local environment, specifically targetingtmuxsessions for discovering context and injecting messages into panes. It also utilizes theghCLI for interacting with GitHub APIs. - [PROMPT_INJECTION]: The skill implements a communication protocol that processes messages from other agents wrapped in
<HIVE>tags, which represents an indirect prompt injection surface. * Ingestion points: Messages from other agents appearing in the terminal pane as output. * Boundary markers: The protocol utilizes<HIVE ...> ... </HIVE>tags to identify and delimit inter-agent communication. * Capability inventory: The environment includes thehiveCLI for state management and messaging, as well as theghCLI for repository interactions. * Sanitization: There are no documented procedures for sanitizing or validating the content of these incoming messages before the agent processes them.
Audit Metadata