Skills
skills/oakoss/agent-skills/cli-power-tools/Gen Agent Trust Hub

cli-power-tools

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill defines patterns for executing powerful CLI operations including in-place file modification using sed -i and recursive command execution (such as file deletion) via the fd -x and xargs patterns.
  • [EXTERNAL_DOWNLOADS]: Documents the installation of various Rust-powered utilities through established package managers like Homebrew, APT, and Cargo. These references point to official repositories and well-known software tools.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) due to its primary function of processing external data.
  • Ingestion points: Any file, codebase, or log stream analyzed by tools like ripgrep, jq, bat, or nushell (referenced in SKILL.md and references/modern-unix-toolbox.md).
  • Boundary markers: Absent; the instructions do not provide delimiters or warnings for the agent to ignore potentially malicious instructions embedded in the data being processed.
  • Capability inventory: The skill enables significant system impact through file-writing (sed), file-deletion (rm), network requests (xh, http), and arbitrary command execution (fd -x).
  • Sanitization: Absent; there is no guidance on escaping or validating external content before it is processed or used in pipelines.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 04:35 AM