Skills
skills/nulab/bee/using-bee/Gen Agent Trust Hub

using-bee

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the bee CLI tool to perform Backlog service operations, including issue tracking, pull request management, and wiki editing.
  • [EXTERNAL_DOWNLOADS]: The skill references additional documentation from the vendor's official GitHub Pages site at https://nulab.github.io/bee/llms-full.txt. This resource is owned by the skill author 'nulab'.
  • [PROMPT_INJECTION]: The skill documents an indirect prompt injection surface but provides mitigation via clear security instructions to the agent. 1. Ingestion points: Data retrieved from Backlog projects via bee issue, bee pr, and bee wiki commands in SKILL.md. 2. Boundary markers: Explicit 'Security' section warning the agent to treat Backlog content as data, not instructions. 3. Capability inventory: Use of bee CLI for managing projects and making raw API requests in SKILL.md. 4. Sanitization: Implementation of instructional warnings to differentiate external content from agent directives.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 18, 2026, 01:24 AM